-
Notifications
You must be signed in to change notification settings - Fork 46
Command Line Interface
medusa
can run parallelized fuzz testing of smart contracts through its Command Line Interface (CLI). The CLI supports three main commands and each command has a variety of flags:
-
medusa init [platform]
will initializemedusa
's project configuration file -
medusa fuzz
will begin the fuzzing campaign. -
medusa completion <shell>
will provide an autocompletion script for a given shell
Let's look at each command.
Note: We highly recommend reading more about
medusa
's project configuration parameters before diving intomedusa
's CLI capabilities.
To create a medusa
project configuration, invoke medusa init [platform]
to create a configuration file for the provided platform within your current working directory. Invoking this command without a platform
argument will result in medusa
using crytic-compile
as the default compilation platform.
Note that the output of
medusa init
, which is equivalent tomedusa init crytic-compile
, is considered the default configuration ofmedusa
While running medusa init
, you have access to two flags:
-
medusa init [platform] --out myConfig.json
: The--out
value will determine the output path where your project configuration file will be outputted. Without--out
, the default output path ismedusa.json
in the current working directory. -
medusa init [platform] --target myContract.sol
: The--target
value will determine the compilation target.
After you have a project configuration setup, you can now run a fuzzing campaign.
To run a fuzzing campaign, invoke medusa fuzz
. The fuzz
command supports a variety of flags:
-
medusa fuzz --config myConfig.json
: Will use the configuration inmyConfig.json
as the project configuration. If--config
is not set,medusa
will look for amedusa.json
file in the current working directory -
medusa fuzz --target myContract.sol
: Will set the compilation target tomyContract.sol
-
medusa fuzz --workers 20
: Will set the number ofworkers
to 20 threads -
medusa fuzz --timeout 1000
: Will set thetimeout
to 1000 seconds -
medusa fuzz --test-limit 50000
: Will set thetestLimit
to 50000 function calls -
medusa fuzz --seq-len 50
: Will set thecallSequenceLength
to 50 transactions -
medusa fuzz --deployment-order "FirstContract,SecondContract"
: Will set the deployment order to[FirstContract, SecondContract]
-
medusa fuzz --corpus-dir myCorpus
: Will set the corpus directory path tomyCorpus
-
medusa fuzz --senders "0x10000,0x20000,0x30000"
: Will set thesenderAdddresses
to[0x10000, 0x20000, 0x30000]
-
medusa fuzz --deployer "0x10000"
: Will set thedeployerAddress
to0x10000
-
medusa fuzz --assertion-mode
: Will setassertionTesting.enabled
totrue
-
medusa fuzz --optimization-mode
: Will setoptimizationTesting.enabled
totrue
-
medusa fuzz --trace-all
: Will settraceAll
totrue
Note that the fuzz
command will use both the project configuration file in addition to any flags to determine the final project configuration. Thus, it uses both of them in tandem.
This results in four different ways to run medusa
:
-
medusa fuzz
: Runmedusa
using the configuration inmedusa.json
with no CLI updates.🚩 If
medusa.json
is not found, we will use the default configuration. -
medusa fuzz --workers 20 --test-limit 50000
: Runmedusa
using the configuration inmedusa.json
and override theworkers
andtestLimit
parameters.🚩 If
medusa.json
is not found, we will use the default configuration and override theworkers
andtestLimit
parameters. -
medusa fuzz --config myConfig.json
: Runmedusa
using the configuration inmyConfig.json
with no CLI updates.🚩 If
myConfig.json
is not found,medusa
will throw an error -
medusa fuzz --config myConfig.json --workers 20 --test-limit 50000
: Runmedusa
using the configuration inmyConfig.json
and override theworkers
andtestLimit
parameters.🚩 If
myConfig.json
is not found,medusa
will throw an error
medusa
also provides the ability to generate autocompletion scripts for a given shell. Once the autocompletion script is ran for a given shell, medusa
's commands and flags can now be tab-autocompleted. The following shells are supported:
- bash
- zsh
- Powershell
To understand how to run the autocompletion script for a given shell, run the following command
medusa completion --help
Once you know how to run the autocompletion script, retrieve the script for that given shell using the following command.
medusa completion <shell>