25-Minute Solidity Fuzzer: Fuzzing Smarter, Not Harder — A Hands-On Workshop
Watch my workshop from Protocol Berg 2025 in Berlin, “25-Minute Solidity Fuzzer: Fuzzing Smarter, Not Harder”. In this hands-on session, I demonstrate how to build a functional EVM/Solidity smart contract fuzzer in Python, all within 25 minutes.
❦ ❦ ❦
Workshop Overview
Fuzzing and formal methods are often seen as competing approaches to smart contract security. In this hands-on workshop, we combine insights from both: I guide you through building a functional EVM/Solidity smart contract fuzzer in Python, all within just 25 minutes, and showcase how a formal methods mindset can significantly improve your fuzzing outcomes.
Note: Although specific to EVM and Solidity, the techniques and insights also apply broadly to other smart contract languages, different blockchains, and fuzzing in general.
What You Will Learn
Beyond the build, we dive into crucial questions that will elevate your fuzzing strategy:
- How can we measure the success of our fuzzing campaign?
- Is the number of runs a reliable coverage metric?
- What alternative metrics could provide deeper insights?
- Why is naive input generation insufficient for smart contracts?
- How can we improve input generation to achieve better coverage?