Vertigo is a mutation testing framework designed to work specifically for smart contracts. This mutation testing framework implements a range of mutation operators that are either selected from previous works or tailored to solidity.
To install vertigo, execute the following command:
pip3 install --user eth-vertigo
You can now run vertigo on a truffle project with the following command (assuming you have a development network configured in yourtruffle-config.js):
vertigo run --network development
Depending on your environment it might be required to specify the location of the truffle executable:
vertigo run --network development --truffle-location <node_dir>/bin/truffle
There are a few additional parameters available that allow you to tweak the execution of vertigo:
$ python vertigo.py run --help
Usage: vertigo.py run [OPTIONS]
Performs a core test campaign
Options:
--output TEXT Output core test results to file
--network TEXT Network names that vertigo can use
--rules TEXT Universal Mutator style rules to use in mutation
testing
--truffle-location TEXT Location of truffle cli
--sample-ratio FLOAT If this option is set. Vertigo will apply the
sample filter with the given ratio
--exclude TEXT Vertigo won't mutate files in these directories
--help Show this message and exit.
Ganache is generally used only for a single run of the entire test suite. For the general use case, it does not matter if Ganache creates a few thousand files. Unfortunately, once you start executing the entire test suite hundreds of times, you can end up with millions of files, and your machine could run out of free inode's. You can check whether this happens to you by running:
df -i
This issue (#1) is known, and we're working on a fix.
In the meanwhile. If your test suite is large enough to munch all your inodes, then there are two options:
--sample-ratio to select a random subsample of the mutations (reducing the number of times that the test suite is run)Practical Mutation Testing for Smart Contracts - Joran J. Honig, Maarten H. Everts, Marieke Huisman
Introduction into Mutation Testing - Joran Honig
Mutation Testing for Smart Contracts - A step by step guide - Joran Honig
If you want to cite vertigo, please use the following:
@InProceedings{10.1007/978-3-030-31500-9_19,
author="Honig, Joran J.
and Everts, Maarten H.
and Huisman, Marieke",
title="Practical Mutation Testing for Smart Contracts",
booktitle="Data Privacy Management, Cryptocurrencies and Blockchain Technology",
year="2019",
publisher="Springer International Publishing",
pages="289--303"
}
FAQs
Mutation Testing for Ethereum Smart Contracts
We found that eth-vertigo demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.