A developer-friendly fuzzing tool for CosmWasm smart contracts that wraps Ziggy and provides automatic harness generation with multi-contract support.
- Multi-contract fuzzing: Fuzz multiple interacting CosmWasm contracts simultaneously
- Harness generation: Discovers invariants and generates fuzzing harness template
- Invariant-driven: Define invariants directly in your contract code using `#[cfg(cosmfuzz)]` modules

```bash
cargo install --path cosmfuzz
```

```bash
# 1. Initialize in your target
cd my-cosmwasm-contract
cosmfuzz init

# 2. Add invariants and setup function to your contract
# See docs/writing-invariants.md
# See docs/setup-functions.md

# 3. Start fuzzing
cosmfuzz fuzz

# 4. Debug a crash
cosmfuzz run /tmp/cosmfuzz/my-project/output/cosmfuzz/crashes/.../id:000000...
```

Notes: `cosmfuzz init` runs `cargo afl system-config`. `cosmfuzz fuzz` patches `cosmwasm-std`'s `MockApi::addr_validate` to return `Ok(Addr::unchecked(input))` for fuzzing.

- Writing Invariants - How to define invariants in your contracts
- Configuration - Configuring cosmfuzz-config.toml
- Commands - Complete command reference
- Example Walkthrough - Complete CW20 fuzzing tutorial
- Advanced Usage - Custom harnesses and testing frameworks
See examples/ for a minimal working example.