Stateful Fuzzing

Stateful fuzzing is a fuzzing technique that maintains contract state across a sequence of function calls, testing how transactions interact with each other over time.

In Depth

Unlike stateless fuzzing (which tests each function call independently), stateful fuzzing builds up contract state through sequences of transactions. This is critical for finding bugs that only manifest after specific sequences of operations, for example a vulnerability that requires depositing, then staking, then withdrawing in a specific order. Stateful fuzzers like Echidna and Medusa maintain the EVM state between calls, enabling them to find complex multi-step vulnerabilities.

Frequently Asked Questions

What is stateful fuzzing?

Stateful fuzzing tests smart contracts by generating random sequences of function calls while maintaining state between each call. This finds bugs that only appear after specific sequences of operations, which single-function tests miss.

Why is stateful fuzzing important for DeFi?

DeFi protocols involve complex state changes across multiple transactions. A vulnerability might only appear after a specific sequence of deposits, borrows, and liquidations. Stateful fuzzing explores these sequences automatically.
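As an added illustration (not code from the original page, nor from Echidna or Medusa), here is a constructed Python model of the deposit-then-stake-then-withdraw scenario described above: a toy vault with an accounting bug, a solvency invariant of the kind a property test would assert, and a minimal sequence fuzzer run in both stateless and stateful mode. The vault, its amounts and the invariant are all assumptions made for this example.

```python
import random

class Vault:
    """Constructed toy vault (not a real protocol); its bug needs deposit -> stake -> withdraw."""
    def __init__(self):
        # balance: unstaked deposit, staked: staked amount, assets: tokens the vault really holds
        self.balance = self.staked = self.assets = 0
    def deposit(self, amt: int):
        self.balance += amt
        self.assets += amt
    def stake(self, amt: int):
        if amt > self.balance:
            raise ValueError("revert: insufficient balance")  # models a Solidity revert
        self.balance -= amt
        self.staked += amt
    def withdraw(self, amt: int):
        # BUG: the check treats staked funds as withdrawable and the clamp hides the deficit
        if amt > self.balance + self.staked:
            raise ValueError("revert: insufficient funds")
        self.balance = max(0, self.balance - amt)
        self.assets -= amt

def accounting_holds(v: Vault) -> bool:
    """Solvency invariant an Echidna/Medusa property test would assert."""
    return v.assets == v.balance + v.staked

def fuzz(stateful: bool, seed: int = 1, runs: int = 500, depth: int = 6):
    """First call sequence that breaks the invariant, or None; stateful=False resets before each call."""
    rng = random.Random(seed)
    for _ in range(runs):
        v, trace = Vault(), []
        for _ in range(depth):
            if not stateful:
                v = Vault()  # stateless: every call starts from a fresh contract
            name, amt = rng.choice(["deposit", "stake", "withdraw"]), rng.choice([10, 50, 100])
            try:
                getattr(v, name)(amt)
            except ValueError:
                continue  # reverted call: state unchanged, keep exploring the sequence
            trace.append((name, amt))
            if not accounting_holds(v):
                return trace  # counterexample: a concrete reproducer to hand to developers
    return None

def replay(trace: list) -> bool:
    """Re-execute a counterexample from a fresh vault; True if the invariant survives."""
    v = Vault()
    for name, amt in trace:
        getattr(v, name)(amt)
    return accounting_holds(v)
```

The stateless run never breaks the invariant because stake and withdraw revert from a fresh contract, while the stateful run returns a short deposit/stake/withdraw trace that `replay` confirms is a real violation.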
