Fuzzing is an automated testing technique for smart contracts that generates a pre-set number of randomized/unexpected inputs that are thrown to the system with the end goal of exposing security vulnerabilities by triggering unexpected/invalid behavior.
Two types of fuzzing:
-
Stateless fuzzing:
- state resets between function calls
- a single function takes randomized input params
- used for individual functions
-
Stateful fuzzing
- state is maintained across multiple function calls
- multiple random function calls with randomized input params
- used for invariant testing
Top comments (0)