Skip to Content
DocumentationWelsh Street CoreFuzz Testing

Fuzz Testing

Overview

This documentation covers the fuzzing test suite for the Welsh Street Exchange. The test suite validates the integrity, security, and correctness of all five core smart contracts through extensive property-based testing and invariant testing using Rendezvous (rv), the Clarity fuzzer. Extended validation with 1,000 runs was implemented for each test type to ensure comprehensive coverage.

Testing Methodologies

Rendezvous (rv) employs two complementary fuzzing methodologies:

Property-Based Testing: Tests individual functions with random inputs via define-public functions prefixed with test-. Returns (ok true) for success, (ok false) to discard invalid inputs, or errors for failures.

Invariant Testing: Validates system-wide state properties via define-read-only functions prefixed with invariant-. Returns boolean values across random operation sequences.

Key concepts include automatic input generation, shrinking for simpler debugging, and discard logic for meaningful test focus.

Fuzzing Results by Contract

Exchange Contract

Purpose: AMM constant product mechanics with fee system fuzzing

  • exchange.tests.clar
  • Invariant Tests: Constant product formula, fee bounds (50-200 basis points), reserve consistency
  • Property Tests: Parameter validation, liquidity operations, swap mechanics, slippage protection
  • Result: AMM mechanics and fee calculations validated across all randomized scenarios

Credit Contract

Purpose: SIP-010 compliant LP token contract fuzzing (1000 runs)

  • credit.tests.clar
  • Invariant Tests: 1000/1000 passed (100% success rate)
  • Key Validations: Token metadata integrity, supply consistency, burn address filtering, arithmetic bounds
  • Result: SIP-010 compliance maintained under all fuzzing conditions

Street Contract

Purpose: Token emission mechanics with kill-switch fuzzing (1000 runs)

  • street.tests.clar
  • Invariant Tests: 1000/1000 passed (100% success rate)
  • Key Validations: Supply constraints, emission mechanics, one-way kill-switch functionality
  • Result: Emission controls and transfer integrity maintained under all conditions

Rewards Contract

Purpose: Zero-debt reward system with accounting fuzzing (1000 runs)

  • rewards.tests.clar
  • Invariant Tests: 1000/1000 passed (100% success rate) - accounting integrity, monotonic properties, user debt constraints
  • Result: Accounting maintained with accurate reward calculations under all conditions

Genesis Contract

Purpose: Liquidity Generation Event (LGE) reference implementation

  • genesis.tests.clar
  • All invariants maintain mathematical consistency
  • Property-based tests validate contribution mechanics
  • Establishes baseline error handling and validation patterns

Security Validation

Confirmed Properties:

  • Mathematical Integrity: Zero arithmetic errors across 5000+ operations
  • Access Control: permission enforcement
  • State Consistency: No corruption detected in any scenario
  • Economic Security: Accounting maintained

Common Patterns:

  • Error handling validated through property-based testing (u1, u801, u804, u900-u911)
  • Address/amount validation via randomized input generation
  • Invariant patterns: precision constants, monotonic properties, accounting integrity, non-negative constraints

Coverage Statistics

  • Contracts: 5 core contracts fuzzed
  • Functions: 60 total (12 per contract: 6 invariants + 6 properties)
  • Runs: 1000 per test type using --runs=1000
  • Success: 100% invariant validation across all sessions

Contract Summary

Credit Contract (SIP-010 Compliance)

  • Demonstrated SIP-010 standard compliance
  • Token metadata immutability properly enforced
  • Supply calculations maintain mathematical precision
  • Transfer mechanics robust under stress testing

Street Contract (Emission System)

  • Kill-switch functionality working as one-way mechanism
  • Emission controls preventing overflow/underflow
  • Supply constraints properly enforced under all conditions
  • Block-height based timing mechanisms reliable

Rewards Contract (Zero-Debt Accounting)

Aaccounting integrity maintained across all scenarios

  • User debt calculations accurate under complex conditions
  • Global index management robust and efficient
  • Reward distribution mechanics mathematically sound

Exchange Contract (AMM Mechanics)

  • Constant product formula consistently maintained
  • Fee system operating within specified bounds
  • Liquidity operations maintaining reserves properly
  • Slippage protection effective under stress conditions

Genesis Contract (Liquidity Generation Event)

  • Mathematical operations provide solid foundation
  • Contribution mechanics reliable and secure
  • State transitions properly managed
  • Error handling establishes consistent patterns

Conclusion

  • 5 Contracts Fuzzed: All core protocol components validated using Rendezvous methodologies
  • 5000+ Fuzzing Runs: Extensive coverage with 1000-run extended sessions per test type
  • 100% Invariant Test Success: maintenance of system properties through read-only invariant validation
  • Zero Critical Issues: No vulnerabilities or mathematical errors detected through either testing methodology
  • Comprehensive Coverage: All major code paths and edge cases tested using property-based and invariant testing
  • Security Properties: No vulnerabilities detected in any fuzzing scenarios using both testing methodologies
  • Mathematical Integrity: Accounting and calculation accuracy maintained through invariant testing
  • Error Handling: Comprehensive and consistent error management across all contracts validated through property-based testing
Last updated on
Testing CoverageGenesis