Foundry Fundamentals - Intro to fuzz testing

Support

--- title: Intro to fuzz testing _Follow along with this video:_ --- ### Fuzz testing Generally, fuzz testing, also known as fuzzing, is an automated software testing technique that involves injecting invalid, malformed, or unexpected inputs into a system to identify software defects and vulnerabilities. This method helps in revealing issues that may lead to crashes, security breaches, or performance problems. Fuzz testing operates by feeding a program with large volumes of random data (referred to as "fuzz") to observe how the system handles such inputs. If the system crashes or exhibits abnormal behavior, it indicates a potential vulnerability or defect that needs to be addressed. How can we apply this in Foundry? Let's find out by testing the fact that `fulfillRandomWords` can only be called after the upkeep is performed. Open `RaffleTest.t.sol` and add the following: `import {VRFCoordinatorV2_5Mock} from "chainlink/src/v0.8/vrf/mocks/VRFCoordinatorV2_5Mock.sol";` in the import section. ```solidity function testFulfillRandomWordsCanOnlyBeCalledAfterPerformUpkeep() public raffleEntredAndTimePassed { // Arrange // Act / Assert vm.expectRevert("nonexistent request"); // vm.mockCall could be used here... VRFCoordinatorV2_5Mock(vrfCoordinator).fulfillRandomWords( 0, address(raffle) ); } ``` So we define the function and use the modifier we created in the previous lesson to make `PLAYER` enter the raffle and set `block.timestamp` into the future. We use the `expectRevert` because we expect the next call to revert with the `"nonexistent request"` message. How do we know that? Simple, inside the `VRFCoordinatorV2Mock` we can see the following code: ```solidity function fulfillRandomWords(uint256 _requestId, address _consumer) external nonReentrant { fulfillRandomWordsWithOverride(_requestId, _consumer, new uint256[](0)); } /** * @notice fulfillRandomWordsWithOverride allows the user to pass in their own random words. * * @param _requestId the request to fulfill * @param _consumer the VRF randomness consumer to send the result to * @param _words user-provided random words */ function fulfillRandomWordsWithOverride(uint256 _requestId, address _consumer, uint256[] memory _words) public { uint256 startGas = gasleft(); if (s_requests[_requestId].subId == 0) { revert("nonexistent request"); } ``` If the `requestId` is not registered, then the `if (s_requests[_requestId].subId == 0)` check would revert using the desired message. Moving on, we called `vm.expectRevert` then we called `fulfillRandomWords` with an invalid `requestId`, i.e. requestId = 0. But why only 0, what if it works with other numbers? How can we test the same thing with 1000 different inputs to make sure that this is more relevant? Here comes Foundry fuzzing: ```solidity function testFulfillRandomWordsCanOnlyBeCalledAfterPerformUpkeep(uint256 randomRequestId) public raffleEntredAndTimePassed { // Arrange // Act / Assert vm.expectRevert("nonexistent request"); // vm.mockCall could be used here... VRFCoordinatorV2_5Mock(vrfCoordinator).fulfillRandomWords( randomRequestId, address(raffle) ); } ``` If we specify an input parameter in the test function declaration, Foundry will provide random values wherever we use that parameter inside our test function. This was just a small taste. Foundry fuzzing has an enormous testing capability. We will discuss more about them in the next sections.

Intro to fuzz testing

Introducing fuzz testing in blockchain development, this lesson explores using random inputs for testing smart contracts, emphasizing the importance of mock functions and fuzz testing for secure and stable systems.

Course Overview

About the course

What you'll learn

Foundryup, Foundry Forge, and Anvil

Blockchain Oracles

How to create local Blockchain testnets

How to verify a smart contract

How to write and run smart contract tests

Course Description

Who is this course for?

Software engineers
Web3 developers
Blockchain security researchers

Potential Careers

Security researcher

$49,999 - $120,000 (avg. salary)

Smart Contract Engineer

$100,000 - $150,000 (avg. salary)

Web3 developer

$60,000 - $150,000 (avg. salary)

Web3 Developer Relations

$85,000 - $125,000 (avg. salary)

Smart Contract Auditor

$100,000 - $200,000 (avg. salary)

Meet your instructors

Patrick Collins

Founder at Cyfrin

Web3 engineer, educator, and Cyfrin co-founder. Patrick's smart contract development and security courses have helped hundreds of thousands of engineers kickstarting their careers into web3.

Guest lecturers:

Richard Gottleber

Developer relations at Chainlink

Vasiliy Gualoto

Developer relations at Cyfrin

Last updated on November 29, 2024

Thanks for checking us out

Start learning for free

Start for free

Solidity Developer

Foundry Fundamentals

Section 1: Foundry Simple Storage

Duration: 2h 52min

Section 2: Foundry Fund Me

Duration: 2h 56min

Section 3: Fund Me Frontend

Duration: 26min

Section 4: Smart Contract Lottery

Duration: 5h 22min

1. Introduction

A comprehensive guide to building a smart contract lottery using Foundry - This lesson explores the Foundry smart contract development environment and dives into a real-world example of creating a lottery contract with verifiable randomness using Chainlink VRF. Duration: 6min

2. Smart contract lottery - Project setup

Introduction to building an advanced lottery or raffle smart contract, covering key features like Chainlink automation and random number generation. Duration: 6min

3. Solidity style guide

Exploration of Solidity's code layout and function ordering for efficient smart contract development. Duration: 2min

4. Creating custom errors

Guidance on using custom errors in Solidity for gas-efficient and effective error checking. Duration: 8min

5. Smart contracts events

In this lesson we'll explore how to use events in Ethereum smart contracts, specifically in a lottery system context. Duration: 12min

6. Random numbers - Block Timestamp

Insights into using block timestamps for random number generation in lottery smart contracts. Duration: 5min

7. Random numbers - Introduction to Chainlink VRF

Introduction to using Chainlink VRF for generating random numbers in blockchain applications. Duration: 10min

8. Implement the Chainlink VRF

Tutorial on deploying and integrating Chainlink VRF in smart contracts for random number generation. Duration: 23min

9. Implementing Vrf Fulfil

A comprehensive guide to implementing Chainlink VRF Fulfill - In this lesson, we dive deep into the world of Chainlink VRF (Verifiable Random Function) and how to implement the Fulfill functionality in Solidity smart contracts. We explore how to integrate Chainlink VRF into our own raffle contract, using the VRFConsumerBaseV2Plus contract to process random number requests and define a custom FulfillRandomWords function to handle the response. Learn how to make requests to the Chainlink VRF Coordinator, interpret the response, and ultimately utilize the randomly generated number within your own application. Duration: 8min

10. The modulo operation

Explanation of using the modulo operation for selecting random winners in smart contract games. Duration: 6min

11. Quiz: Smart Contract Lottery Intro Quiz

Questions: 5

12. Implementing the lottery state - Enum

Discussion on using enums to manage different states in a raffle smart contract. Duration: 6min

13. Lottery restart - Resetting an Array

Exploration of resetting player arrays in smart contracts to start new game rounds. Duration: 2min

14. Important: Note on learning by building

Insights into the true process of building solidity projects, highlighting the iterative nature of coding. Duration: 2min

15. The CEI method - Checks, Effects, Interactions

An overview of the Checks-Effects-Interactions pattern for secure and efficient smart contract development. Duration: 4min

16. Introduction to Chainlink Automation

This lesson covers the basics of Chainlink Automation, essential for automating the 'Pick Winner' function in a lottery application. It delves into the use of Chainlink VRF for randomness and explores time-based automation and custom logic through Chainlink. Duration: 17min

17. Implementing Chainlink Automation

Focusing on implementing Chainlink Automation, this lesson teaches how to use \`checkUpkeep\` and \`performUpkeep\` functions for automated execution in Chainlink-powered smart contracts, enhancing their autonomy and efficiency. Duration: 12min

18. Custom Error

A comprehensive guide to custom errors with parameters. This lesson covers how to create custom errors in Solidity smart contracts and how to add parameters to those errors so that the chainlink keepers can automatically kick off a VRF request. Duration: 2min

19. Quiz: Smart Contract Lottery Mid Section Recap Quiz

Questions: 5

20. Mid section recap

A recap of the progress in developing a fair and transparent lottery system using Chainlink's VRF. The lesson revisits key concepts like the raffle contract, buying into the raffle, and the decentralized draw process. Duration: 3min

21. Test and deploy the lottery smart contract pt.1

This lesson emphasizes the importance of testing and deploying smart contracts efficiently. It guides through creating deploy scripts and testing them on various networks, ensuring reliable and secure deployment of lottery contracts. Duration: 2min

22. Deploy Script

A comprehensive guide to deploying a Chainlink VRF Raffle smart contract - This lesson covers how to set up your code base for deploying a Chainlink VRF Raffle smart contract using Foundry, including creating new files, adding a pragma, importing the necessary dependencies, and setting up an abstract contract. The video also discusses how to create a Helper Config smart contract and set up a local chain ID for testing purposes. Duration: 11min

23. Deploy a mock Chainlink VRF

The focus of this lesson is on deploying a mock Chainlink VRF, vital for testing smart contracts. It provides insights into setting up mock contracts, adjusting parameters, and the importance of Chainlink VRF in blockchain development. Duration: 7min

24. Test and deploy the lottery smart contract pt.2

Continuing from the previous part, this lesson dives deeper into testing and deploying lottery smart contracts. It covers the usage of helper configurations and the integration of network-specific configurations for smooth deployment. Duration: 4min

25. Setup the tests

This lesson teaches the setup and execution of tests for smart contracts, emphasizing the significance of forge coverage and the Arrange-Act-Assert methodology to ensure robust and reliable smart contract functionality. Duration: 8min

26. Headers

A fun little tool to generate Solidity headers - This video teaches you how to use a tool called 'headers' that will help generate Solidity code headers. Duration: 1min

27. Adding more tests

A continuation of developing comprehensive tests for smart contracts, this lesson focuses on enhancing code coverage and efficiency in testing, particularly for the \`check upkeep\` function. Duration: 7min

28. Testing events

A detailed guide on testing events emitted by smart contracts, highlighting the use of Foundry's \`expectEmit\` function. The lesson focuses on ensuring correct event emissions, crucial for smart contract validation. Duration: 5min

29. Using vm.roll and vm.warp

Exploring the use of \`vm.roll\` and \`vm.warp\` in smart contract testing, this lesson demonstrates how to adjust block time and number for testing various states and transitions in smart contracts. Duration: 6min

30. Subscribing to events

This lesson covers the process of deploying contracts, creating, and managing Chainlink VRF subscriptions. It focuses on resolving common errors and efficiently managing Chainlink VRF in smart contracts. Duration: 18min

31. Creating the subscription UI

A guide to creating and managing front-end subscriptions for Ethereum Blockchain, this lesson covers steps from transaction initiation to automatic link token funding, emphasizing user interface interactions. Duration: 4min

32. Fund subscription

This lesson teaches how to create and execute a contract script to fund blockchain subscriptions, detailing the parameters needed and the process of funding subscriptions using mock functions. Duration: 15min

33. Adding a consumer

Focusing on adding a consumer to a subscription, this lesson explains the process of adding a consumer contract to a Chainlink VRF subscription, using scripting to simplify the deployment and management. Duration: 13min

34. Even More Tests

A comprehensive guide to testing a Solidity smart contract with Foundry. This lesson covers the basics of creating a testing environment, writing unit tests, and understanding code coverage. Duration: 5min

35. Coverage Report

A comprehensive guide to smart contract testing and coverage reports using Foundry. The lesson covers how to generate a coverage report to identify untested lines of code, and how to interpret the coverage report to identify areas that need further testing. Duration: 4min

36. Testing and refactoring the performUpkeep

This lesson delves into writing tests for the \`performUpkeep\` function, emphasizing the need for thorough testing and refactoring to ensure the reliability and efficiency of smart contracts. Duration: 7min

37. Refactoring events data

A guide to refining the use of emitted events in smart contracts, this lesson covers extracting and utilizing event data, with a focus on testing and improving code efficiency. Duration: 9min

38. Intro to fuzz testing

39. One Big Test

This lesson focuses on creating a comprehensive function test for a Raffle contract in a blockchain environment, covering the entire lifecycle of a raffle including entry, drawing, and prize distribution, and integrating Chainlink VRF in a test environment. Duration: 13min

40. Forked test environment and dynamic private keys

A guide on running tests in a forked test environment, addressing the challenges and solutions related to deployer identification. It covers the dynamics of testing smart contracts on different blockchain environments and the importance of dynamic deployer keys. Duration: 12min

41. Creating integration tests

This lesson transitions from unit testing to integration testing in smart contract development, highlighting the significance of deploying and testing on testnets and mainnets. It offers insights into the practical aspects of ensuring smart contracts function as intended in a live blockchain environment. Duration: 4min

42. Deploy the lottery on the testnet pt.1

In this lesson, learners are guided through deploying a smart contract onto a testnet, using a Makefile for automation, and interacting with the live contract on Etherscan. It emphasizes the real-world application and testing of smart contracts. Duration: 16min

43. Implementing console log in your smart contract

Focusing on debugging techniques in Solidity, this lesson teaches the implementation of console.log for debugging smart contracts. It highlights the importance of removing console logs before deploying to mainnet or testnet to save Ether and maintain efficiency. Duration: 1min

44. Debug using forge test

Introducing the Forge Debug Tool, this lesson explains how to use the debug functionality in Forge for in-depth analysis and step-through of smart contract code. It emphasizes the tool's utility in understanding specific elements in code for advanced debugging. Duration: 1min

45. Quiz: Smart Contract Lottery recap Quiz

Questions: 8

46. Section recap

A comprehensive recap of creating a provably fair lottery on the blockchain. The lesson revisits key components like custom errors, enums, private variables, constructor verbosity, raffle and Chainlink automation, and deployment on testnet, culminating in a complete overview of the project. Duration: 6min