Ensure that a verified contract satisfies the following high-level requirements:
- The specification has been formally tested,
- The implementation has been tested statically and dynamically,
- The implementation has been tested using symbolic execution.
Category “G12” lists requirements related to the testing process of the smart contracts.
| # | Description |
|---|---|
| G12.1 | Verify that abuser stories specified during threat modeling are covered by unit tests. |
| G12.2 | Verify that sensitive functions of the verified contract are covered with tests in the development phase. |
| G12.3 | Verify that the implementation of the verified contract has been checked for security vulnerabilities using static and dynamic analysis. |
| G12.4 | Verify that the specification of the smart contract has been formally verified. |
| G12.5 | Verify that the specification and the result of formal verification are included in the documentation. |
| G12.6 | Verify that solidity-coverage indicates excellent code coverage. |
For more information, see also:
- Formal Verification
- Foundry
- Slither
- Code coverage for Solidity testing
- MythX Plugin for Truffle
- Securify
- SmartCheck
- Oyente
Request an audit of your project by SCSVS authors. Contact a specialist.