Blockchain technology firm ConsenSys publicly released its “Diligence Fuzzing” tool for smart contract testing, according to an announcement. The new tool produces “random and invalid data points” to find vulnerabilities in contracts before they are launched, reports Cointelegraph.
Over $2.8 billion was lost in decentralised finance hacks in 2022. According to ConsenSys, these losses are leading developers to embrace more sophisticated testing tools to help find vulnerabilities before attackers do.
The new tool used to be available in a closed beta version, where developers needed to get approval for access. This approval process is no longer necessary as of 1 August. Diligence Fuzzing is also now integrated with smart contract toolkit Foundry and features a free version for developers who want to test it out before spending any money.
In a conversation with Cointelegraph, ConsenSys security services lead Liz Daldalian explained how the tool works in more detail. Developers can annotate their contracts using a machine language called “Scribble,” also developed by ConsenSys. Once they do this, the annotations will be understood by the fuzzing tool. The tool produces “unexpected” inputs so as to test whether the contract can be forced to produce unintended actions.