INVARIANT TESTING
8 articles tagged "invariant testing"
Why Invariant Testing Matters for DeFi Security
Unit tests check what you think of. Invariant tests check what you don't. Here's why every DeFi protocol needs invariant testing and how it has saved millions in real engagements.
The Anatomy of a Critical DeFi Bug: Insolvency Through Incorrect Accounting
A single rounding error in share accounting can drain an entire vault. Walk through the anatomy of a real critical DeFi bug and learn why invariant testing is the only reliable way to catch it.
Property Design Patterns for DeFi Lending Protocols
A practical catalog of invariant property patterns for lending protocols — from solvency and utilization bounds to liquidation health checks — with Solidity code for each.
5 Smart Contract Vulnerabilities That Unit Tests Will Never Catch
Unit tests check what you expect. But the most dangerous vulnerabilities hide in the unexpected — cross-function reentrancy, rounding accumulation, and more. Here are five categories unit tests will never catch.
Understanding Rounding Errors in DeFi: How Small Bugs Lead to Big Exploits
In Solidity, there are no decimals — only integers and the illusion of precision. Learn how 1 wei rounding errors compound into protocol-draining exploits and how to defend against them.
From Zero to Fuzzing: A Beginner's Guide to the Chimera Framework
A hands-on beginner tutorial for the Chimera framework. Go from an empty project to running invariant tests with Foundry, Echidna, and Medusa — no prior fuzzing experience required.
Towards the Scientific Audit
Audits today are artisanal. Two auditors reviewing the same code follow different paths and produce different results. This inconsistency is the gap attackers exploit. Here is how we make audits scientific.
AI Smart Contract Audits: Beyond the Hype
Everyone claims AI auditing. Most mean they ran an LLM on your code. Here is what AI-powered smart contract auditing actually looks like when built on top of invariant testing and formal methods.