Merge pull request #32 from euler-xyz/enigma-dark-invariants

Enigma dark invariant suite

Author: kasperpawlowski

.github/workflows/enigma-dark-invariants.yml

@@ -0,0 +1,46 @@
+name: Enigma Dark Invariants - Echidna Workflow
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+
+env:
+  FOUNDRY_PROFILE: ci
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  echidna:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        mode: [property, assertion] # Define the modes here
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: Compile contracts
+        run: |
+          forge build test/enigma-dark-invariants/Tester.t.sol --build-info
+
+      - name: Run Echidna ${{ matrix.mode == 'property' && 'Property' || 'Assertion' }} Mode
+        uses: crytic/echidna-action@v2
+        with:
+          files: .
+          contract: Tester
+          config: test/enigma-dark-invariants/_config/echidna_config_ci.yaml
+          crytic-args: --ignore-compile
+          test-mode: ${{ matrix.mode == 'assertion' && 'assertion' || '' }}

.gitignore

@@ -14,5 +14,14 @@ broadcast/
 # System Files
 .DS_Store
 
+
+# Invariant testing files
+crytic-export/
+_corpus/
+
+# Coverage directory
+coverage/
+*.info
+
 # certora generated files
-.certora_internal
+.certora_internal

Makefile

@@ -0,0 +1,17 @@
+# Invariants
+echidna:
+	echidna test/enigma-dark-invariants/Tester.t.sol --contract Tester --config ./test/enigma-dark-invariants/_config/echidna_config.yaml --corpus-dir ./test/enigma-dark-invariants/_corpus/echidna/default/_data/corpus
+
+echidna-assert:
+	echidna test/enigma-dark-invariants/Tester.t.sol --contract Tester --test-mode assertion --config ./test/enigma-dark-invariants/_config/echidna_config.yaml --corpus-dir ./test/enigma-dark-invariants/_corpus/echidna/default/_data/corpus
+
+echidna-explore:
+	echidna test/enigma-dark-invariants/Tester.t.sol --contract Tester --test-mode exploration --config ./test/enigma-dark-invariants/_config/echidna_config.yaml --corpus-dir ./test/enigma-dark-invariants/_corpus/echidna/default/_data/corpus
+
+# Medusa
+medusa:
+	medusa fuzz --config ./medusa.json
+
+# Echidna Results
+runes:
+	runes convert ./test/enigma-dark-invariants/_corpus/echidna/default/_data/corpus/reproducers --output ./test/enigma-dark-invariants/replays

medusa.json

@@ -0,0 +1,87 @@
+{
+    "fuzzing": {
+        "workers": 10,
+        "workerResetLimit": 50,
+        "timeout": 0,
+        "testLimit": 0,
+        "callSequenceLength": 200,
+        "corpusDirectory": "test/enigma-dark-invariants/_corpus/medusa",
+        "coverageEnabled": true,
+        "deploymentOrder": [
+            "Tester"
+        ],
+        "targetContracts": [
+            "Tester"
+        ],
+        "targetContractsBalances": [
+            "1e35"
+        ],
+        "constructorArgs": {},
+        "deployerAddress": "0x30000",
+        "senderAddresses": [
+            "0x10000",
+            "0x20000",
+            "0x30000"
+        ],
+        "blockNumberDelayMax": 60480,
+        "blockTimestampDelayMax": 604800,
+        "blockGasLimit": 12500000000,
+        "transactionGasLimit": 1250000000,
+        "testing": {
+            "stopOnFailedTest": false,
+            "stopOnFailedContractMatching": false,
+            "stopOnNoTests": true,
+            "testAllContracts": false,
+            "traceAll": false,
+            "assertionTesting": {
+                "enabled": true,
+                "testViewMethods": true,
+                "assertionModes": {
+                    "failOnCompilerInsertedPanic": false,
+                    "failOnAssertion": true,
+                    "failOnArithmeticUnderflow": false,
+                    "failOnDivideByZero": false,
+                    "failOnEnumTypeConversionOutOfBounds": false,
+                    "failOnIncorrectStorageAccess": false,
+                    "failOnPopEmptyArray": false,
+                    "failOnOutOfBoundsArrayAccess": false,
+                    "failOnAllocateTooMuchMemory": false,
+                    "failOnCallUninitializedVariable": false
+                }
+            },
+            "propertyTesting": {
+                "enabled": true,
+                "testPrefixes": [
+                    "fuzz_",
+                    "echidna_"
+                ]
+            },
+            "optimizationTesting": {
+                "enabled": false,
+                "testPrefixes": [
+                    "optimize_"
+                ]
+            }
+        },
+        "chainConfig": {
+            "codeSizeCheckDisabled": true,
+            "cheatCodes": {
+                "cheatCodesEnabled": true,
+                "enableFFI": false
+            }
+        }
+    },
+    "compilation": {
+        "platform": "crytic-compile",
+        "platformConfig": {
+            "target": "test/enigma-dark-invariants/Tester.t.sol",
+            "solcVersion": "",
+            "exportDirectory": "",
+            "args": []
+        }
+    },
+    "logging": {
+        "level": "info",
+        "logDirectory": ""
+    }
+}

test/enigma-dark-invariants/HandlerAggregator.t.sol

@@ -0,0 +1,49 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.19;
+
+// Admin Handler contracts
+import {EulerEarnAdminHandler} from "./handlers/admin/EulerEarnAdminHandler.t.sol";
+import {PublicAllocatorAdminHandler} from "./handlers/admin/PublicAllocatorAdminHandler.t.sol";
+
+// EVC Handler contracts
+import {EVCHandler} from "./handlers/evc/EVCHandler.t.sol";
+
+// EVK Modules Handler contracts
+import {BorrowingModuleHandler} from "./handlers/evk/BorrowingModuleHandler.t.sol";
+import {LiquidationModuleHandler} from "./handlers/evk/LiquidationModuleHandler.t.sol";
+import {GovernanceModuleHandler} from "./handlers/evk/GovernanceModuleHandler.t.sol";
+
+// User Handler contracts,
+import {EulerEarnHandler} from "./handlers/user/EulerEarnHandler.t.sol";
+import {PublicAllocatorHandler} from "./handlers/user/PublicAllocatorHandler.t.sol";
+
+// Standard Handler contracts
+import {ERC20Handler} from "./handlers/standard/ERC20Handler.t.sol";
+import {ERC4626Handler} from "./handlers/standard/ERC4626Handler.t.sol";
+
+// Simulator Handler contracts
+import {DonationAttackHandler} from "./handlers/simulators/DonationAttackHandler.t.sol";
+import {PriceOracleHandler} from "./handlers/simulators/PriceOracleHandler.t.sol";
+
+// Postcondition Handler contracts
+import {ERC4626PostconditionsHandler} from "./handlers/postconditions/ERC4626PostconditionsHandler.t.sol";
+
+/// @notice Helper contract to aggregate all handler contracts, inherited in BaseInvariants
+abstract contract HandlerAggregator is
+    EulerEarnAdminHandler, // Admin handlers
+    PublicAllocatorAdminHandler,
+    EulerEarnHandler, // User handlers
+    PublicAllocatorHandler,
+    EVCHandler, // EVC handlers
+    BorrowingModuleHandler, // EVK handlers
+    LiquidationModuleHandler,
+    GovernanceModuleHandler,
+    ERC20Handler, // Standard handlers
+    ERC4626Handler,
+    DonationAttackHandler, // Simulator handlers
+    PriceOracleHandler,
+    ERC4626PostconditionsHandler // Postcondition handlers
+{
+    /// @notice Helper function in case any handler requires additional setup
+    function _setUpHandlers() internal {}
+}

test/enigma-dark-invariants/Invariants.t.sol

@@ -0,0 +1,116 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.19;
+
+// Interfaces
+import {IERC4626, IERC20} from "lib/openzeppelin-contracts/contracts/interfaces/IERC4626.sol";
+
+// Invariant Contracts
+import {BaseInvariants} from "./invariants/BaseInvariants.t.sol";
+import {ERC4626Invariants} from "./invariants/ERC4626Invariants.t.sol";
+
+/// @title Invariants
+/// @notice Wrappers for the protocol invariants implemented in each invariants contract
+/// @dev recognised by Echidna when property mode is activated
+/// @dev Inherits BaseInvariants
+abstract contract Invariants is BaseInvariants, ERC4626Invariants {
+    ///////////////////////////////////////////////////////////////////////////////////////////////
+    //                                     BASE INVARIANTS                                       //
+    ///////////////////////////////////////////////////////////////////////////////////////////////
+
+    function echidna_INV_BASE() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            for (uint256 j; j < allMarkets[eulerEarn_].length; j++) {
+                IERC4626 market = allMarkets[eulerEarn_][j];
+                assert_INV_BASE_A(market, eulerEarn_);
+                assert_INV_BASE_C(market, eulerEarn_);
+                assert_INV_BASE_D(market, eulerEarn_);
+                assert_INV_BASE_E(market, eulerEarn_);
+            }
+
+            assert_INV_BASE_F(eulerEarn_);
+        }
+
+        return true;
+    }
+
+    function echidna_INV_QUEUES() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            assert_INV_QUEUES_AE(eulerEarn_);
+            assert_INV_QUEUES_B(eulerEarn_);
+        }
+
+        return true;
+    }
+
+    function echidna_INV_TIMELOCK() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            assert_INV_TIMELOCK_A(eulerEarn_);
+            assert_INV_TIMELOCK_D(eulerEarn_);
+            assert_INV_TIMELOCK_E(eulerEarn_);
+            assert_INV_TIMELOCK_F(eulerEarn_);
+        }
+
+        return true;
+    }
+
+    function echidna_INV_MARKETS() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            for (uint256 j; j < allMarkets[eulerEarn_].length; j++) {
+                assert_INV_MARKETS_AB(allMarkets[eulerEarn_][j], eulerEarn_);
+            }
+        }
+
+        return true;
+    }
+
+    function echidna_INV_FEES() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            assert_INV_FEES_A(eulerEarnVaults[i]);
+        }
+
+        return true;
+    }
+
+    function echidna_INV_ACCOUNTING() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            assert_INV_ACCOUNTING_A(eulerEarn_);
+        }
+
+        return true;
+    }
+
+    ///////////////////////////////////////////////////////////////////////////////////////////////
+    //                                    ERC4626 INVARIANTS                                     //
+    ///////////////////////////////////////////////////////////////////////////////////////////////
+
+    function echidna_ERC4626_ASSETS_INVARIANTS() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            assert_ERC4626_ASSETS_INVARIANT_A(eulerEarn_);
+            assert_ERC4626_ASSETS_INVARIANT_B(eulerEarn_);
+            assert_ERC4626_ASSETS_INVARIANT_C(eulerEarn_);
+            assert_ERC4626_ASSETS_INVARIANT_D(eulerEarn_);
+        }
+
+        return true;
+    }
+
+    function echidna_ERC4626_USERS() public returns (bool) {
+        for (uint256 i; i < eulerEarnVaults.length; i++) {
+            address eulerEarn_ = eulerEarnVaults[i];
+            for (uint256 j; j < actorAddresses.length; j++) {
+                assert_ERC4626_DEPOSIT_INVARIANT_A(actorAddresses[j], eulerEarn_);
+                assert_ERC4626_MINT_INVARIANT_A(actorAddresses[j], eulerEarn_);
+                assert_ERC4626_WITHDRAW_INVARIANT_A(actorAddresses[j], eulerEarn_);
+                assert_ERC4626_REDEEM_INVARIANT_A(actorAddresses[j], eulerEarn_);
+            }
+        }
+
+        return true;
+    }
+}

test/enigma-dark-invariants/README.md

@@ -0,0 +1,37 @@
+# Actor Based Invariant Testing Suite
+
+<img src="./docs/invariant-suite-overview.png" alt="Enigma Dark suite" width="90%" height="75%">
+
+<br/>
+
+Developed by [vnmrtz.eth](https://x.com/vn_martinez_) from [Enigma Dark](https://www.enigmadark.com/).
+
+<br/>
+
+The Actor Based Invariant Testing Suite is a framework for performing comprehensive invariant testing of the Silo Vaults protocol. Using an actor-based model, it simulates realistic scenarios with various entities interacting with the system, ensuring that protocol invariants and postconditions hold under an extensive range of conditions.
+
+The suite is designed to support multi-actor tooling, randomizing actions, parameters, actor roles, and asset selection to explore edge cases and ensure the robustness of a protocol.
+
+# Specifications
+
+Extensive documentation regarding the architecture and design of the suite can be found [HERE](./docs/overview.md).
+
+Further documentation outlining the properties of the system (both invariants and postconditions) can be found [HERE](./specs/).
+
+# Tooling
+
+The suite has been developed and tested using the following tools:
+
+- [Echidna](https://github.com/crytic/echidna): A battle tested property-based testing tool for Ethereum smart contracts.
+
+# Setup Instructions:
+
+Instructions for setting up the project and running the testing suite with echidna are available [HERE](./docs/internal-docs.md).
+
+## Additional notes
+
+- Ensure you have the latest version of dependencies both tooling and protocol dependencies installed before running the tests.
+- The suite is designed to be modular and extensible, allowing for easy integration of new properties and actors.
+- The suite supports integration with github actions, allowing for automated testing as part of the development workflow.
+
+This suite was developed by Enigma Dark after being engaged by Silo Labs to provide security services for the silo v2 vaults protocol, ensuring that best practices in security and testing are satisfied.