sFuzz

Fuzzing tool for smart contract vulnerability detection

1. Prepare smart contracts

Create a contracts/ folder and put your Solidity files there. Since one Solidity file can contain more than one contract, rename the file to the name of the contract you want to test.

E.g.: a file Sample.sol contains two contracts, Bank and ERC20. To test the contract Bank, rename Sample.sol to Bank.sol.

2. Quick start

Pull docker image

docker pull sfuzz/ethfuzzer

Start the container and map the contracts/ folder into it.

docker run -it -v /path/to/contracts/folder/:/home/contracts/ sfuzz/ethfuzzer

Note that /path/to/contracts/folder/ is the absolute path to the contracts folder on the host.

Test the Solidity files in the contracts/ folder

cd /home/ && ./fuzzer -g -r 0 -d 120 && chmod +x fuzzMe && ./fuzzMe

The fuzzer shows its progress in the terminal.

Terminal output

Output files are saved to the contracts/ folder.

3. Common Errors

Q: Cannot compile Solidity source code?

sFuzz relies on an external compiler to compile Solidity source code. In the docker container we installed solc v0.4.24. If you want to fuzz contracts written for other Solidity versions, replace our solc at /usr/bin/solc with your own solc. Visit https://github.com/ethereum/solidity/releases to download a specific Solidity version.

Q: Contract is not found?

Make sure the file name of the Solidity file is one of the contract names declared in that file.

Q: Core dump?

Make sure your contract compiles with the container's solc without errors.
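The two checks above (file name matches a declared contract, and the file compiles with the container's solc) can be run before starting the fuzzer. The following script is an added example, not part of sFuzz; the function names are hypothetical, and it assumes solc is on PATH inside the container (v0.4.24 at /usr/bin/solc) and skips the compile check where it is not.

```shell
#!/bin/sh
# Added pre-flight check for a contracts/ folder (example code, not part of sFuzz).
# sFuzz resolves the contract under test from the file name, so Foo.sol must
# declare "contract Foo"; the container's solc (v0.4.24) must also compile it.

# Returns 0 if the file declares a contract named after the file, 1 otherwise.
check_contract_name() {
    file="$1"
    name=$(basename "$file" .sol)
    # "contract Name" followed by whitespace, "{" or end of line; leading
    # whitespace is tolerated so indented declarations still match.
    grep -Eq "^[[:space:]]*contract[[:space:]]+${name}([[:space:]]|[{]|\$)" "$file"
}

# Returns 0 when solc compiles the file, 1 on a compile error, 2 when solc is
# absent (compile check skipped, e.g. when run on the host instead of the container).
check_compiles() {
    file="$1"
    command -v solc >/dev/null 2>&1 || return 2
    if solc --bin "$file" >/dev/null 2>&1; then return 0; fi
    return 1
}

# Walks every .sol file in a directory, prints one line per file and
# returns the number of files that break the naming rule.
check_contracts_dir() {
    dir="$1"
    failures=0
    for f in "$dir"/*.sol; do
        [ -e "$f" ] || continue
        if check_contract_name "$f"; then
            echo "ok   $f"
        else
            echo "FAIL $f: no 'contract $(basename "$f" .sol)' declared (sFuzz reports 'Contract is not found')"
            failures=$((failures + 1))
        fi
    done
    return "$failures"
}

# Usage from the host: check_contracts_dir /path/to/contracts/folder
```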
