v1.2.1

This marks a minor release of medusa. Version 1.2.1 brings a patch that allows users to install medusa using go install.

Bug Fixes

• Fix go install installation by @elopez in #609

Full Changelog: v1.2.0...v1.2.1

v1.2.0

This marks a minor release of medusa. Version 1.2.0 has a variety of new features, including the introduction of some very needed cheatcodes (startPrank, stopPrank, and getCode), verbosity levels for execution traces, and revert reports. Additionally, we have made significant improvements to the HTML coverage reports to improve user experience. Finally, we have migrated to branch coverage-guided fuzzing which, according to our internal benchmarking results, significantly outperforms PC coverage-guided fuzzing.

The installation process is now simpler than ever. Users across all operating systems can now run go install github.com/crytic/medusa@latest to download medusa!

What's Changed

• Support for startPrank and stopPrank cheatcodes by @Xenomega in #594
• Support for getCode cheatcode by @0xZRA in #593
• Add verbosity levels to execution traces by @priyankabose in #601
• Migrate from PC-based coverage to branch-based coverage by @samalws-tob in #585
• Introduction of revert reports for easier harness debugging by @bsamuels453 in #466
• Add file explorer and search capabilities to HTML coverage reports by @anishnaik in #588
• Support specifying target contract balances using hex, base-10, and scientific notation by @0xZRA in #580
• medusa-geth module path refactor by @Xenomega in #584

New Contributors

• @0xZRA made their first contribution in #580
• @laterlaugh made their first contribution in #589
• @MiloTruck made their first contribution in #597
• @growfrow made their first contribution in #596
• @MKVEERENDRA made their first contribution in #587

Full Changelog: v1.1.1...v1.2.0

v1.1.1

This marks a minor release of medusa. Version 1.1.1 fixes two critical bugs: an out-of-memory leak that occurs during corpus initialization and a race condition due to concurrent reads and writes on coverage maps.

What's Changed

• Enable calling view methods by default by @anishnaik in #569
• Use address labels while logging call sequences by @smonicas in #572

Bug Fixes

• Fix memory leak during corpus initialization by @anishnaik in #581
• Acquire lock before calculating the unique program counter value by @anishnaik in #575
• Fix bug with the traceAll feature by @anishnaik in #573
• Trim whitespace around FFI output by @anishnaik in #578

Full Changelog: v1.1.0...v1.1.1

v1.1.0

This marks a minor release of medusa. Version 1.1.0 introduces a few critical bug fixes and some minor feature additions.

What's Changed

• Allow users to specify additional arguments while running slither @anishnaik in #554
• Add --rpc-url and --rpc-block flags by @anishnaik in #557
• Add "Collapse all" and "Expand all" buttons to the HTML coverage report by @Xenomega in #302
• Deprecation of the difficulty cheatcode which is now a no-op by @anishnaik in #564
• Introduction of the prevrandao cheatcode by @anishnaik in #564
• Improvements to logging during call sequence shrinking by @anishnaik in #564

Bug Fixes

• Hotfix for a non-deterministic panic that was triggered with the introduction of on-chain fuzzing by @bsamuels453 in #560
• Fix issues related to using VM cheatcodes by @anishnaik in #564
• Fix panic that occurred in optimization mode by @anishnaik in #564
• Fix issues related to context management and cancellations by @anishnaik in #564

Full Changelog: v1.0.0...v1.1.0

v1.0.0

This is medusa's first major release. It includes many powerful features and important bug fixes. The biggest update is the introduction of on-chain fuzzing! medusa can now run starting with an existing state provided by an external RPC service (Infura, Alchemy, local node, etc). This enables users to speed up the fuzzing setup when using already deployed contracts. Please note that the on-chain fuzzing capability is in "experimental mode" and will continue to improve over the next few releases.

Additional features include integration with Slither for improved value generation, capturing transaction return values for improved value generation, efficient shrinking during optimization mode, and support for the label cheatcode.

What's Changed

• Support for on-chain fuzzing via external RPC by @bsamuels453 in #513
• Integrate Slither for improved value generation by @anishnaik in #530
• Capture transaction return values for improved value generation by @anishnaik in #533
• Add support for the vm.label cheatcode by @priyankabose in #545
• Improve runtime performance and shrinking during optimization mode by @anishnaik in #548
• Add Docker support by @elopez in #522
• Add Nix support by @bohendo in #143
• Add support for exploration mode through the CLI by @tuturu-tech in #526

Bug Fixes

• Fix warp to allow for the setting of a starting timestamp by @anishnaik in #499
• Fix duplication bug in program counter coverage by @0xalpharush in #485
• Fix execution tracing during failed contract deployments by @anishnaik in #538
• Fix weighting of corpus items to use timestamp to favor 'hardest-to-discover' inputs by @0xalpharush in #383
• Improve error logging for arithmetic overflows and underflows by @hexshire in #536
• Fix error handling during corpus initialization by @MukulKolpe in #537

New Contributors

• @tuturu-tech made their first contribution in #526
• @bohendo made their first contribution in #143
• @hexshire made their first contribution in #536
• @MukulKolpe made their first contribution in #537
• @priyankabose made their first contribution in #543
• @bsamuels453 made their first contribution in #513

Full Changelog: v0.1.8...v1.0.0

v0.1.8

This marks a minor release of medusa. Note that this version has no new features or bug fixes from the previous version (v0.1.7). A new release had to be made due to a bug in the CI of medusa that prevented the CI artifacts for the release from being built correctly (#406).

v0.1.7

This marks a minor release of medusa. Version 0.1.7 brings a variety of critical bug fixes, adds support for LCOV reports, and has optimizations that improves coverage tracking.

What's Changed

• Display success and revert hit count in coverage report (#364 ) by @0xalpharush
• Add LCOV support (#442 ) by @0xalpharush
• Improve performance during coverage tracking (#472 ) by @samalws
• Update corpus format (#456 ) by @anishnaik
• Disable account checks to allow for non-EOA transaction origins (#468 ) by @0xalpharush
• Log unique PCs that have been encountered by medusa (#453 ) by @0xalpharush

Bug Fixes

• Fix a missing initcode size override (#483 ) by @anishnaik
• Fix panic during execution tracing (#457 ) by @anishnaik
• Fix bug related to initial contract balances when using predeployed contracts (#461 ) by @0xalpharush
• Fix bug that prevented deployed addresses from being added to the value set (#488 ) by @smonicas

New Contributors

• @highcloudwind made their first contribution in #430
• @samalws-tob made their first contribution in #472
• @smonicas made their first contribution in #488

Full Changelog: v0.1.6...v0.1.7

v0.1.6

This marks a minor release of medusa. Version 0.1.6 brings a variety of critical bug fixes related to coverage tracking, coverage reporting, and execution tracing.

Bug Fixes

• Fix regression in coverage reports for constructors (#412)
• Fix panic while execution tracing cheatcode execution (#411)
• Fixed source unit Iookup and coverage reporting due to changes made to Foundry's compilation artifacts (#427)
• Reduce bias in weighted method selection that was omitting some methods (#427)

Full Changelog: v0.1.5...v0.1.6

v0.1.5

This marks a minor release of Medusa. Note that this version has no new features or bug fixes from the previous version (v0.1.4). A new release had to be made due to an inconsistency in the version that was reported by the medusa binary (via medusa --version) versus the version tag on GitHub and package managers such as Homebrew.

v0.1.4

This marks a minor release of medusa. Version 0.1.4 brings support for the new Cancun fork of go-ethereum. We also added additional features such as the ability to test pure/view functions, deterministically deploy contracts to fixed address, filter functions, and support for new cheatcodes. Finally, other minor QoL improvements and bug fixes were made in this release.

What's Changed

• Support for the new Cancun fork. This includes new opcodes such as TLOAD or TSTORE (#397)
• Added the ability to call pure or view methods in assertion testing mode (#363)
• Support for deterministic deployment of contracts to predefined addresses (#353)
• Support for blacklisting and whitelisting function signatures (#400)
• Support for the snapshot and revertTo cheatcodes (#276)
• Attachment of execution traces for failed contract deployments (#337)
• Attachment of execution traces for reverting property tests (#335)
• Display test cases discovered by the fuzzer on startup (#382)
• Improved documentation (#348)
• Automated release builds in the CI (#342)

Bug Fixes

• Use of function signatures in execution traces to handle overloaded function names (#336)
• Mutate calldata in call sequence mutator (#380)
• Mutate calldata during shrinking (#374)
• Use default compilation platform during fuzzer initialization (#362)

New Contributors

• Thank you to @konnov for their first contribution (#347)

Full Changelog: v0.1.3...v0.1.4