Echidna 2.3.0-RC2

This release candidate pre-release is for benchmarking and testing latest features. Do not use it in production, wait for the upcoming final release instead.

What's Changed

• Drop Etheno support by @elopez in #1402
• Drop estimateGas support by @elopez in #1403
• fix: reduce html class names to their first letters by @divyaranjan1905 in #1404
• Store event changes into Echidna's corpus by @divyaranjan1905 in #1405
• Clean up subState when setting up transactions by @elopez in #1408
• Reworked symbolic execution code by @gustavo-grieco in #1394
• build(deps): bump DeterminateSystems/nix-installer-action from 18 to 19 by @dependabot[bot] in #1407
• Add values from tuple elements into the dictionary by @gustavo-grieco in #1406
• Test older solc versions on merge by @elopez in #1412
• Fix CI tests by @elopez in #1414
• Speed up coverage filename calculation by @elopez in #1411
• Reduce test flakiness by @elopez in #1416
• build(deps): bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #1418
• build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #1419
• Update hevm to 9982c580ed19b88ebab9744d29d940fd2f0bd8c6 by @elopez in #1417
• Test improvements by @elopez in #1421
• docker: update base image; build with musl; include z3, bitwuzla by @elopez in #1422
• flake: add bitwuzla and cvc5 to fuzz shell by @elopez in #1425
• flake: update nixpkgs, foundry, bitwuzla by @elopez in #1427
• tests: fix default config to match default values in code by @elopez in #1429
• Update CODEOWNERS by @elopez in #1432
• Only verify suitable methods by @gustavo-grieco in #1431
• docs: fix incorrect Docker volume mount command by @zkpepe in #1433
• Update references to hevm repository by @elopez in #1435
• Add independent coverage directory configuration option by @BowTiedRadone in #1428
• ci: macos: add missing gmp rewrite by @elopez in #1440
• build(deps): bump actions/setup-python from 5 to 6 by @dependabot[bot] in #1442
• build(deps): bump softprops/action-gh-release from 2.3.2 to 2.3.3 by @dependabot[bot] in #1443
• fix: ppAbiValue mapping in JSON.mapCall for SolCall by @VolodymyrBg in #1445
• Fix build failure with GHC 9.10 by @elopez in #1446
• scripts: libff: enable C++11 on build by @elopez in #1447
• Fixed event decoding crash by @gustavo-grieco in #1450
• build(deps): bump DeterminateSystems/nix-installer-action from 19 to 20 by @dependabot[bot] in #1451
• ci: macos-13 -> macos-15-intel by @elopez in #1455
• Revamp HTML coverage report by @elopez in #1415
• Added initial support for generation of foundry reproducers by @gustavo-grieco in #1437
• Set up proper reversion state when loading transactions by @gustavo-grieco in #1453
• Support for encoding valid calls for callbacks by @gustavo-grieco in #1444
• echidna: enable rtsopts by @elopez in #1457
• Add solc constraint to the callback test by @gustavo-grieco in #1458
• Symbolic execution fixes to make sure no counter example is missed by @gustavo-grieco in #1441
• Include value into json output and use string instead of integer by @gustavo-grieco in #1460
• add foundry to docker image by @bsamuels453 in #1469
• Show trace instead of list of events when deployment failed by @gustavo-grieco in #1466
• Log shrinking status by @BowTiedRadone in #1454
• Avoid crashing when trying to do symbolic execution in fallback
• Switch to stack based loop detection in symbolic execution exploration
• Silence RPC warning when there is no RPC configured

New Contributors

• @divyaranjan1905 made their first contribution in #1404
• @zkpepe made their first contribution in #1433
• @BowTiedRadone made their first contribution in #1428
• @VolodymyrBg made their first contribution in #1445
• @bsamuels453 made their first contribution in #1469

Echidna 2.3.0-RC1

This release candidate pre-release is for benchmarking and testing latest features. Do not use it in production, wait for the upcoming final release instead.

What's Changed

• Drop Etheno support by @elopez in #1402
• Drop estimateGas support by @elopez in #1403
• fix: reduce html class names to their first letters by @divyaranjan1905 in #1404
• Store event changes into Echidna's corpus by @divyaranjan1905 in #1405
• Clean up subState when setting up transactions by @elopez in #1408
• Reworked symbolic execution code by @gustavo-grieco in #1394
• build(deps): bump DeterminateSystems/nix-installer-action from 18 to 19 by @dependabot[bot] in #1407
• Add values from tuple elements into the dictionary by @gustavo-grieco in #1406
• Test older solc versions on merge by @elopez in #1412
• Fix CI tests by @elopez in #1414
• Speed up coverage filename calculation by @elopez in #1411
• Reduce test flakiness by @elopez in #1416
• build(deps): bump actions/download-artifact from 4 to 5 by @dependabot[bot] in #1418
• build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #1419
• Update hevm to 9982c580ed19b88ebab9744d29d940fd2f0bd8c6 by @elopez in #1417
• Test improvements by @elopez in #1421
• docker: update base image; build with musl; include z3, bitwuzla by @elopez in #1422
• flake: add bitwuzla and cvc5 to fuzz shell by @elopez in #1425
• flake: update nixpkgs, foundry, bitwuzla by @elopez in #1427
• tests: fix default config to match default values in code by @elopez in #1429
• Update CODEOWNERS by @elopez in #1432
• Only verify suitable methods by @gustavo-grieco in #1431
• docs: fix incorrect Docker volume mount command by @zkpepe in #1433
• Update references to hevm repository by @elopez in #1435
• Add independent coverage directory configuration option by @BowTiedRadone in #1428
• ci: macos: add missing gmp rewrite by @elopez in #1440
• build(deps): bump actions/setup-python from 5 to 6 by @dependabot[bot] in #1442
• build(deps): bump softprops/action-gh-release from 2.3.2 to 2.3.3 by @dependabot[bot] in #1443
• fix: ppAbiValue mapping in JSON.mapCall for SolCall by @VolodymyrBg in #1445
• Fix build failure with GHC 9.10 by @elopez in #1446
• scripts: libff: enable C++11 on build by @elopez in #1447
• Fixed event decoding crash by @gustavo-grieco in #1450
• build(deps): bump DeterminateSystems/nix-installer-action from 19 to 20 by @dependabot[bot] in #1451
• ci: macos-13 -> macos-15-intel by @elopez in #1455
• Revamp HTML coverage report by @elopez in #1415
• Added initial support for generation of foundry reproducers by @gustavo-grieco in #1437
• Set up proper reversion state when loading transactions by @gustavo-grieco in #1453
• Support for encoding valid calls for callbacks by @gustavo-grieco in #1444
• echidna: enable rtsopts by @elopez in #1457
• Add solc constraint to the callback test by @gustavo-grieco in #1458
• Symbolic execution fixes to make sure no counter example is missed by @gustavo-grieco in #1441
• Downgrade z3 to 4.12.6 by @gustavo-grieco in #1461
• Include value into json output and use string instead of integer by @gustavo-grieco in #1460
• add foundry to docker image by @bsamuels453 in #1469
• Show trace instead of list of events when deployment failed by @gustavo-grieco in #1466
• Log shrinking status by @BowTiedRadone in #1454

New Contributors

• @divyaranjan1905 made their first contribution in #1404
• @zkpepe made their first contribution in #1433
• @BowTiedRadone made their first contribution in #1428
• @VolodymyrBg made their first contribution in #1445
• @bsamuels453 made their first contribution in #1469

Echidna 2.2.7

What's Changed

• UI is now more responsive and can be scrolled using the keyboard (arrow keys, PgUp/Down, Tab)
• Text mode now reports gas/s during a fuzzing campaign.
• The docker container and static binaries are now also built for ARM Linux.
• Users can now give a friendly name to a project through the config file and it will show in the UI.
• Bugs squashed when shrinking, generating random integers, collecting contract addresses into the internal dictionary, and counting gas usage.
• Echidna is now built with GHC 9.8.4
• hevm has been upgraded to release/0.55.0
  • This hevm release includes multiple fixes and performance improvements, including a fix for multiple contract deployments under a prank.
  • Full hevm changelog: argotorg/hevm@037ff11...2931f09

Deprecation notice

Important

The following features will be removed from future Echidna releases. This will be the last release supporting:

• Etheno integration, and the initialize configuration option
• Gas estimation (estimateGas configuration option)
• Concolic execution (symExecConcolic configuration option)

New Contributors

• @figtracer made their first contribution in #1357

Full Changelog: v2.2.6...v2.2.7

Echidna 2.2.6

What's Changed

• Users can now turn off the Slither integration with the disableSlither config option or the --disable-slither command-line flag (#1327).
  • This is only intended for development, and we do not recommend doing this as it degrades fuzzing efficiency.
  • Additionally, the UI now shows a visible warning when the Slither integration fails to execute for any reason.
• More statistics on exit: Echidna now prints the total call count (#1328)
• Precompiles now work correctly on Windows (#1333)
• hevm has been upgraded to release/0.54.2 (#1331)
  • This hevm release includes fixes for prank and startPrank. Pranking now applies to contract creation, and startPrank behavior now matches Foundry's.
  • Full hevm changelog: argotorg/hevm@f1f45d3...037ff11

Full Changelog: v2.2.5...v2.2.6

Echidna 2.2.5

What's Changed

• Support Ethereum Cancun upgrade, including MCOPY (#1317, #1309, #1300)
• Print a warning if an assert isn't hit in assert mode (#1110)
• Add support for the vm.label cheatcode when printing call sequences (#1314)
• Add support for other cheatcodes: startPrank, stopPrank, setEnv, and env{Bool,Uint,Int,Address,Bytes32,String,Bytes} (#1300)
• Collect coverage during contract deployment (#1304)
• Fix overflow behavior: overflows now revert the transaction, rather than causing Echidna to error (#1293)
• Add documentation (#1298)

Full Changelog: v2.2.4...v2.2.5

Echidna 2.2.4

Echidna 2.2.4 is an exciting release that brings a host of improvements in fuzzing speed and user experience. This update:

• Boosts performance through optimized shrinking and multicore fuzzing. Adjustments made to our multi-worker implementation will provide increased performance when multiple workers are in use, meaning you can now have a faster and more scalable fuzzing experience. Echidna will now by default run between one to four workers, based on the available CPU cores. While we have set an intelligent default logic, you can continue to manually control the number of workers with the workers config option or --workers CLI switch. Another welcome tweak is in the shrinking process where a single worker now handles a shrinking task to minimize contention.

• Enhances user interface with handy shortcuts, added metrics, more informative messages, and clearer error responses. The new shortcuts allow for swiftly toggling the visibility of the tests and log panels (t and l). The newly introduced performance metric gas/s should be a more user-friendly indicator of execution performance than its predecessor calls/s. Expect insightful time measurements when saving coverage and an added message upon saving reproducers. Last but not least, we improved the error messages in various conditions, for better clarity and ease of understanding.

• Adds initial support to TLOAD/TSTORE opcodes as we continue our work towards achieving full compatibility with Cancun. Note that other new opcodes from Cancun are still not supported, so we recommend working with solc 0.8.24 or older for the time being.

• Introduces more configuration options including the ability to specify the Etherscan API key via the config file.

Take a peek at Echidna v2.2.4 in action fuzzing assert.sol:

The full changelog is provided below:

Added

• Toggle tests and log panes on t and l by @arcz in #1197
• Use measureIO when saving coverage by @samalws-tob in #1202
• Adjust default GC allocation area by @elopez in #1228
• Update filterFallbacks to be selective rather than all-or-nothing by @samalws-tob in #1200
• Add symbolic execution by @samalws-tob in #1216
• Support configuring Etherscan API key via config file by @elopez in #1227
• Allow to use specific filter for direct symexec by @ggrieco-tob in #1251
• Display assertion failure immediately once falsified in text mode by @samalws-tob in #1271
• Emit log message when saving reproducers by @samalws-tob in #1273
• Emit "saved reproducer" log message as event rather than putStrLn by @samalws-tob in #1274
• Show gas per second in the UI by @samalws-tob in #1279
• Show trace on UnknownFailure by @samalws-tob in #1283
• Initial support for tstore/tload by @ggrieco-tob in #1286
• Raise default number of workers by @elopez on #1288 [BREAKING CHANGE]

Fixed

• Improve delay shrinking by @arcz in #1196
• Improved shrinking removing reverts from reproducers by @ggrieco-tob in #1250
• Shrink on one worker by @arcz in #1280
• Fix Windows support after crytic-compile changes by @elopez in #1235
• ci, release: pin macOS runners to the correct architectures by @elopez in #1244
• Avoid a crash when invalid filtering is used and provide a better error message by @ggrieco-tob in #1258
• Improve max code size error message by @arcz in #1269
• Fix MVar issue by @samalws-tob in #1281
• Minor change for symExecTimeout comments by @samalws-tob in #1285
• chore: fix some typos by @yetyear in #1215
• Fix typos by @xiaoxianBoy in #1217
• chore: remove repetitive word by @findseat in #1232
• Fix some typos in comments by @momantech in #1238
• chore: fix some comments by @cangqiaoyuzhuo in #1272
• Fix typos by @omahs in #1287
• Docs improvement by @nnsW3 in #1278

Updated

• Bump softprops/action-gh-release from 0.1.15 to 2.0.3 by @dependabot in #1203
• Bump softprops/action-gh-release from 2.0.3 to 2.0.4 by @dependabot in #1220
• Bump softprops/action-gh-release from 2.0.4 to 2.0.5 by @dependabot in #1255
• Bump softprops/action-gh-release from 2.0.5 to 2.0.6 by @dependabot in #1277
• Bump cachix/install-nix-action from 25 to 26 by @dependabot in #1204
• Bump cachix/install-nix-action from 26 to 27 by @dependabot in #1263
• Bump DeterminateSystems/magic-nix-cache-action from 3 to 4 by @dependabot in #1222
• Bump DeterminateSystems/magic-nix-cache-action from 4 to 6 by @dependabot in #1257
• Bump DeterminateSystems/magic-nix-cache-action from 6 to 7 by @dependabot in #1267
• Bump DeterminateSystems/nix-installer-action from 9 to 10 by @dependabot in #122
• Bump DeterminateSystems/nix-installer-action from 10 to 11 by @dependabot in #1256
• Bump DeterminateSystems/nix-installer-action from 11 to 12 by @dependabot in #1268
• Bump cachix/cachix-action from 14 to 15 by @dependabot in #1262
• Bump docker/build-push-action from 5 to 6 by @dependabot in #1275
• Bump sigstore/gh-action-sigstore-python from 2.1.1 to 3.0.0 by @dependabot in #1289
• Upgrade hevm to latest echidna-patches commit by @elopez in #1243

New Contributors

• @yetyear made their first contribution in #1215
• @xiaoxianBoy made their first contribution in #1217
• @findseat made their first contribution in #1232
• @momantech made their first contribution in #1238
• @cangqiaoyuzhuo made their first contribution in #1272
• @nnsW3 made their first contribution in #1278

Full Changelog: v2.2.3...v2.2.4

Echidna 2.2.3

What's Changed

• Bump actions/cache from 3 to 4 by @dependabot in #1173
• Refactor BuildOutput by @arcz in #1174
• Validate corpus while replaying by @arcz in #1177
• Refactor by @arcz in #1178
• Save traces for every transaction in reproducer by @arcz in #1180
• Display contract names in UI by @arcz in #1181
• Fix faulty corpus transaction detection by @arcz in #1184
• Bump DeterminateSystems/magic-nix-cache-action from 2 to 3 by @dependabot in #1186
• nix: enhance TERMINFO for Linux builds by @elopez in #1187
• Update hevm to 0.53.0 by @arcz in #1189
• Update README.md by @0xicingdeath in #1190
• Speed up shrinking in some cases by @samalws-tob in #1192
• feat: add CLI commands for RPC URL and block number by @penandlim in #1194
• Echidna 2.2.3 by @arcz in #1195

New Contributors

• @penandlim made their first contribution in #1194

Full Changelog: v2.2.2...v2.2.3

Echidna 2.2.2

What's Changed

• Save corpus and reproducers continuously (#1167)
• Deliver status information using server-sent events (#1131)
• Performance improvements for coverage collection (#1160)
• Make slither optional (#1159)
• Rich trace printing (#1157)
• Static builds and release workflow (#1133)
• Re-enables using slither for vyper files (#1108)
• Dependency updates (#1153, #1096, #1154)

Full Changelog: v2.2.1...v2.2.2

Echidna 2.2.1

What's Changed

• Shanghai fork support with hevm 0.51.3 (#1090)
• Fixed coverage collection for delegatecalls (#1083)
• Added events to JSON output (#1069)
• Changed event sequence to be displayed on new lines (#1079)
• Improved "No tests found in ABI" error message (#1077)
• Refactored code (#1070, #1074)

Full Changelog: v2.2.0...v2.2.1

Echidna 2.2.0

Echidna 2.2.0 contains significant improvements to the fuzzing speed and UX:

• Multicore fuzzing & optimized coverage collection. Those combined delivered up to 20x fuzzing speed improvement on a real-world internal benchmark. The number of workers can be configured with workers config option or --workers CLI switch. Echidna runs only one worker by default, but this might change in future releases.
• Lcov support. It is output by default and can be controlled with the coverageFormats config option. This enables external coverage tools such as genhtml or VSCode plugins.
• More configuration options. Added --timeout <seconds> CLI switch. RPC URL and block number can now be also specified in the config file for on-chain fuzzing.
• UI improvements. Echidna now outputs an event log for any fuzzing breakthrough, such as new coverage. The interactive UI was significantly reworked to accommodate all the changes from this release (see the screenshot below).

Note, we changed the way reverts are shown in coverage reports. Now, only the line where a revert happened is marked, instead of the whole path.

The full changelog:

Added

• Multicore fuzzing (#963, #1033, #1026, #1035)
• Lcov format support (#1029)
• Experimental power number generator for uints (#892)

Changed

• Coverage collection optimization (#1003, #1041)
• On-chain fuzzing improvements (#1017)
• Refactored code (#1020, #1021)
• Updated dependencies (#1022, #1023)
• UI improvements (#1031, #1032, #1034, #1040)
• Readme improvements (#1019)