test: initialize echidna for fuzz testing #208
Conversation
Co-authored-by: lumtis <[email protected]>
Co-authored-by: lumtis <[email protected]>
Co-authored-by: lumtis <[email protected]>
WalkthroughThis update primarily enhances testing and code management. It introduces Changes
Sequence Diagram(s)sequenceDiagram
participant Developer
participant ERC20CustodyNew
participant GatewayEVM
Note right of Developer: Setup Echidna Testing
Developer->>ERC20CustodyNew: Call withdrawAndCall as public
Developer->>GatewayEVM: Deploy and setup initial custody
GatewayEVM-->Developer: Error if custody already initialized
Developer->>Echidna: Configure and run tests
Echidna->>ERC20CustodyNew&GatewayEVM: Test fuzz cases
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
|
@coderabbitai full review |
Actions performedFull review triggered. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #208 +/- ##
===========================================
- Coverage 59.25% 48.09% -11.17%
===========================================
Files 31 31
Lines 1048 1048
Branches 262 263 +1
===========================================
- Hits 621 504 -117
- Misses 427 544 +117 ☔ View full report in Codecov by Sentry. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Files ignored due to path filters (8)
pkg/contracts/prototypes/evm/erc20custodynew.sol/erc20custodynew.gois excluded by!pkg/**pkg/contracts/prototypes/evm/gatewayevm.sol/gatewayevm.gois excluded by!pkg/**typechain-types/contracts/prototypes/evm/ERC20CustodyNewEchidnaTest.tsis excluded by!typechain-types/**typechain-types/contracts/prototypes/evm/GatewayEVMEchidnaTest.tsis excluded by!typechain-types/**typechain-types/factories/contracts/prototypes/evm/ERC20CustodyNewEchidnaTest__factory.tsis excluded by!typechain-types/**typechain-types/factories/contracts/prototypes/evm/ERC20CustodyNew__factory.tsis excluded by!typechain-types/**typechain-types/factories/contracts/prototypes/evm/GatewayEVMEchidnaTest__factory.tsis excluded by!typechain-types/**typechain-types/factories/contracts/prototypes/evm/GatewayEVM__factory.tsis excluded by!typechain-types/**
Files selected for processing (8)
- .eslintignore (1 hunks)
- .gitignore (1 hunks)
- contracts/prototypes/evm/ERC20CustodyNew.sol (1 hunks)
- contracts/prototypes/evm/GatewayEVM.sol (4 hunks)
- echidna.yaml (1 hunks)
- test/fuzz/ERC20CustodyNewEchidnaTest.sol (1 hunks)
- test/fuzz/GatewayEVMEchidnaTest.sol (1 hunks)
- test/fuzz/readme.md (1 hunks)
Additional context used
Path-based instructions (5)
test/fuzz/readme.md (1)
Pattern
test/**: Review the test files for proper coverage, edge cases, and best practices.test/fuzz/GatewayEVMEchidnaTest.sol (1)
Pattern
test/**: Review the test files for proper coverage, edge cases, and best practices.test/fuzz/ERC20CustodyNewEchidnaTest.sol (1)
Pattern
test/**: Review the test files for proper coverage, edge cases, and best practices.contracts/prototypes/evm/ERC20CustodyNew.sol (1)
Pattern
contracts/**: Review the Solidity contracts for security vulnerabilities and best practices.contracts/prototypes/evm/GatewayEVM.sol (1)
Pattern
contracts/**: Review the Solidity contracts for security vulnerabilities and best practices.
yamllint
echidna.yaml
[error] 4-4: trailing spaces
(trailing-spaces)
[error] 5-5: trailing spaces
(trailing-spaces)
[error] 6-6: no new line character at the end of file
(new-line-at-end-of-file)
Markdownlint
test/fuzz/readme.md
3-3: null
Fenced code blocks should have a language specified(MD040, fenced-code-language)
10-10: null
Fenced code blocks should have a language specified(MD040, fenced-code-language)
13-13: null
Files should end with a single newline character(MD047, single-trailing-newline)
Additional comments not posted (15)
.eslintignore (1)
7-8: LGTM!The additions of
docsandcrytic-exportdirectories to the ignore list are appropriate..gitignore (1)
33-35: LGTM!The additions of
abiandcrytic-exportdirectories to the ignore list are appropriate.test/fuzz/GatewayEVMEchidnaTest.sol (5)
1-5: Imports look good.The necessary modules and libraries are imported correctly.
7-8: Ensure proper usage of SafeERC20.The
SafeERC20library is used, which is good for preventing common ERC20 pitfalls.
10-11: State variable initialization.The state variables are initialized correctly. Ensure
echidnaCalleris properly set during tests.
13-17: Constructor initialization logic.The constructor initializes the contract correctly. Ensure that
initializeandnewcalls are functioning as expected.
19-26: Test function for ERC20 execution.The test function
testExecuteWithERC20is well-structured. Ensure that the minting and execution logic works as intended.test/fuzz/ERC20CustodyNewEchidnaTest.sol (5)
1-5: Imports look good.The necessary modules and libraries are imported correctly.
7-8: Ensure proper usage of SafeERC20.The
SafeERC20library is used, which is good for preventing common ERC20 pitfalls.
10-11: State variable initialization.The state variables are initialized correctly. Ensure
echidnaCalleris properly set during tests.
13-19: Constructor initialization logic.The constructor initializes the contract correctly. Ensure that
initializeandsetCustodycalls are functioning as expected.
21-31: Test function for withdraw and call.The test function
testWithdrawAndCallis well-structured. Ensure that the minting, transferring, and withdrawal logic works as intended.contracts/prototypes/evm/ERC20CustodyNew.sol (1)
41-41: Visibility change ofwithdrawAndCall.Changing the visibility from
externaltopublicallows the function to be called internally, which might be necessary for testing or other internal logic. Ensure that this change does not introduce any security vulnerabilities.contracts/prototypes/evm/GatewayEVM.sol (2)
21-21: New error typeCustodyInitialized.The new error type
CustodyInitializedis defined to handle reinitialization errors. Ensure that this error is used correctly in the contract.
138-138: Visibility change ofsetCustody.Changing the visibility from
externaltopublicallows the function to be called internally, which might be necessary for testing or other internal logic. Ensure that this change does not introduce any security vulnerabilities.
| testLimit: 50000 | ||
| seqLen: 10000 | ||
| allContracts: false |
There was a problem hiding this comment.
Fix trailing spaces and add a newline at the end of the file.
There are trailing spaces on lines 4 and 5, and the file is missing a newline at the end.
- testLimit: 50000
- seqLen: 10000
+ testLimit: 50000
+ seqLen: 10000
+ Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| testLimit: 50000 | |
| seqLen: 10000 | |
| allContracts: false | |
| testLimit: 50000 | |
| seqLen: 10000 | |
| allContracts: false | |
Tools
yamllint
[error] 4-4: trailing spaces
(trailing-spaces)
[error] 5-5: trailing spaces
(trailing-spaces)
[error] 6-6: no new line character at the end of file
(new-line-at-end-of-file)
| @@ -0,0 +1,13 @@ | |||
| ## Setup echidna | |||
|
|
|||
| ``` | |||
There was a problem hiding this comment.
Specify language for fenced code blocks and add a newline at the end of the file.
Fenced code blocks should have a language specified, and the file should end with a newline.
- ```
+ ```sh
- ```
+ ```sh
+ Also applies to: 10-10, 13-13
Tools
Markdownlint
3-3: null
Fenced code blocks should have a language specified(MD040, fenced-code-language)
|
I think using Foundry more is a good idea. What I still like about Hardhat is the ability to import and use TypeScript tools, we're using them for everything in tutorials: balances, faucet, transaction tracking, code generation. But I think Hardhat-Foundry plugin is a good middle-ground. |
| @@ -38,7 +38,7 @@ contract ERC20CustodyNew is ReentrancyGuard{ | |||
| // For this, it passes through the Gateway contract, it transfers the tokens to the Gateway contract and then calls the contract | |||
| // TODO: Finalize access control | |||
| // https://github.com/zeta-chain/protocol-contracts/issues/204 | |||
| function withdrawAndCall(address token, address to, uint256 amount, bytes calldata data) external nonReentrant { | |||
| function withdrawAndCall(address token, address to, uint256 amount, bytes calldata data) public nonReentrant { | |||
There was a problem hiding this comment.
Under which circumstances is withdrawAndCall and executeWithERC20 be called from within ERC20CustodyNew? This impacts the amount of gas consumed by these functions.
There was a problem hiding this comment.
What do you mean by circumstances?
withdrawAndCall is called by the TSS address when handling an outbound
There was a problem hiding this comment.
probably will be clearer when we add access control
|
I don't have enough experience with Echidna yet to make a proper statement. I agree with the proposed hardhat-foundry usage, it's a good middle ground and the full migration can happen if everyone agrees about foundry being the best solution. Also, I'll be studying echidna so I can have informed opinions on it. |
There was a problem hiding this comment.
Looks good to me.
We don't need to be complete in this PR, just write the base.
foundry instead of hardhat: too much effort atm to migrate
What concrete work to migrate outside of rewriting the test and deployment scripts?
Also myaybe we can have both supported atm?
| @@ -38,7 +38,7 @@ contract ERC20CustodyNew is ReentrancyGuard{ | |||
| // For this, it passes through the Gateway contract, it transfers the tokens to the Gateway contract and then calls the contract | |||
| // TODO: Finalize access control | |||
| // https://github.com/zeta-chain/protocol-contracts/issues/204 | |||
| function withdrawAndCall(address token, address to, uint256 amount, bytes calldata data) external nonReentrant { | |||
| function withdrawAndCall(address token, address to, uint256 amount, bytes calldata data) public nonReentrant { | |||
There was a problem hiding this comment.
What do you mean by circumstances?
withdrawAndCall is called by the TSS address when handling an outbound
i think tests and scripts, probably not that much effort if we only do it for v2 |
skosito
requested review from
andresaiello,
brewmaster012,
CharlieMc0 and
fadeev
as code owners
We could also consider create entire new repo for v2 as the env is just completely different |
yes, i added a readme in |
to test:
Setup echidna
Execute contract tests
just simple tests for now, and instructions on how to run, once we agree on approach we can open more issues for adding more fuzz tests same way its started here
alternatives:
foundry has built in fuzz testing, and bunch of tools for better testing in general (for example cheatcodes: https://book.getfoundry.sh/forge/cheatcodes)
Summary by CodeRabbit
New Features
echidna.yamlforcrytic-compileconfiguration.ERC20CustodyNewEchidnaTest.solandGatewayEVMEchidnaTest.solfor advanced testing.readme.md.Bug Fixes
setCustodyfunction inGatewayEVM.solto prevent reinitialization.Refactor
withdrawAndCallfunction visibility fromexternaltopublicinERC20CustodyNew.Chores
.eslintignoreand.gitignoreto includecrytic-exportdirectory.