Wake is a Python-based Solidity development and testing framework with built-in vulnerability detectors and printers

Latest release

3.99

Installation

standalone via pip
pip3 install eth-wake
bundled with VS Code extension

Features

Testing Framework
Development and testing framework for Solidity smart contracts with pytypes, Python-native equivalents of Solidity types and blazing-fast execution.
See examples and documentation for more information.
from wake.testing import *
from pytypes.contracts.Counter import Counter

@default_chain.connect()
def test_counter():
    counter = Counter.deploy()
    assert counter.count() == 0

    counter.increment()
    assert counter.count() == 1
Fuzzer
Property-based fuzzer for Solidity smart contracts that allows testers to write their fuzz tests in Python.

Fuzzer builds on top of the testing framework and allows efficient fuzz testing of Solidity smart contracts.
from wake.testing import *
from wake.testing.fuzzing import *
from pytypes.contracts.Counter import Counter

class CounterTest(FuzzTest):
    def pre_sequence(self) -> None:
        self.counter = Counter.deploy()
        self.count = 0

    @flow()
    def increment(self) -> None:
        self.counter.increment()
        self.count += 1

    @flow()
    def decrement(self) -> None:
        with with may_revert(PanicCodeEnum.UNDERFLOW_OVERFLOW) as e:
            self.counter.decrement()

        if e.value is not None:
            assert self.count == 0
        else:
            self.count -= 1

    @invariant(period=10)
    def count(self) -> None:
        assert self.counter.count() == self.count

@default_chain.connect()
def test_counter():
    CounterTest().run(sequences_count=30, flows_count=100)
Vulnerability & code quality detectors
High precision static analysis detectors focused on minimising false positives inspired by real audit findings.

How to run detectors:
wake detect
Tools for Solidity (Wake)
Learn more
Visual Studio Code Solidity extension, powered by Wake. Displays real-time results of vulnerability detectors along with compiler warnings and errors and helps developers understand the code better.

Wake stops hacks 

Wake is used by Ackee Blockchain team to perform smart contract audits - and it helped to discover a bunch of high and critical vulnerabilities. 
Vulnerability
Severity
Project
Discovered by
Resources
Profit & loss accounted twice
Critical
IPOR
Fuzz test
Console permanent denial of service
High
Brahma
Fuzz test
Swap unwinding formula error
High
IPOR
Fuzz test
Swap unwinding fee accounted twice
High
IPOR
Fuzz test
Incorrect event data
High
Solady
Integration test
INTEREST_FROM_
STRATEGY_BELOW_
ZERO reverts DoS
Medium
IPOR
Fuzz test
Inaccurate hypothetical interest formula
Medium
IPOR
Fuzz test
Swap unwinding fee normalization error
Medium
IPOR
Fuzz test
Missing receive function
Medium
Axelar
Fuzz test

What Wake can do 

Development & testing 
  • Auto-completions when writing tests and deployment scripts thanks to pytypes
  • Type checking for all types generated in pytypes
  • Property-based fuzzer leveraging multiprocessing to maximize the amount of inputs tested
  • Cross-chain testing support
  • Integrated Python debugger (ipdb) attached on test failures
  • Call traces and console.log support for easier debugging
  • Deployment scripts support
  • Better performance than other Python or JavaScript frameworks 
Static analysis
  • Set of ready-to-use vulnerability & code quality detectors
  • Set of ready-to-use printers for extracting and pretty-printing useful information from the project
  • API for implementing custom detectors and printers
  • Github action for automatic execution of detectors in a pipeline
  • Filtering of detections using minimal confidence and impact
Documentation
Wake documentation can be found  here.
License
Licensed under the  ISC license.
Partners