Blockchain and smart contract technology represent novel approaches to trusted services computing, opening the way to services designed specifically for trusted computing. Nevertheless, testing smart contracts is still in its infancy, with plenty of challenges not yet fully explored. We argue that existing tools are primarily for vulnerabilities detection and do not produce test suites suited for human oracles. In this paper, we present AGSOLT, a tool for Automated Generation of Solidity Test Suites. We evaluate the tool's efficiency by implementing two search algorithms to automatically generate test suites for stand-alone Solidity smart contracts, considering some of the blockchain-specific challenges. Subsequently, to test AGSOLT in a realistic service operations scenario, we compared a random search algorithm and a genetic algorithm on a set of 36 real-world service applications featuring smart contracts. We found that AGSOLT is capable of achieving high branch coverage with both approaches and even discovered that some of the most popular Solidity smart contracts on GitHub have design flaws that might, for example, make code functions easily un-executable as a result of requiring too much gas. We conclude that AGSOLT provides a very valuable addition to service operations' pipelines supporting trusted computing applications based on smart contracts.
翻译:屏障链和智能合同技术代表了信任服务计算的新做法,为专为信任计算设计的服务开辟了道路。然而,测试智能合同仍然处于初级阶段,许多挑战尚未充分探讨。我们争辩说,现有工具主要用于脆弱性检测,并不生产适合人类触角的测试套件。在本文中,我们介绍AGSOLT,一个自动生成固态测试套件的工具。我们通过实施两种搜索算法来评估该工具的效率,以自动生成独立固态智能合同的测试套件,同时考虑某些特定链条的挑战。随后,在现实的服务操作情景中测试AGSOLT,我们比较随机搜索算法和基因算法,以36个包含智能合同的实域服务应用程序为基础。我们发现,AGSOLT能够同时实现高分支覆盖,甚至发现,GitHub最受欢迎的一些固态智能合同的设计缺陷可能使代码功能容易执行,因为要求太多的气体。我们的结论是,AGSOLT在支持基于信任的服务器的应用程序上提供了非常有价值的服务操作合同。