follow @wakeframework on X<\/a>.<\/p>\nConclusion<\/h2>\n
Manually guided fuzzing provides a systematic approach to verify contract behavior while offering deep insight into contract logic and edge cases.<\/p>\n
Appendix – Full Code<\/h2>\n
token.sol<\/p>\n
\/\/ SPDX-License-Identifier: MIT\npragma solidity ^0.8.0;\n\n\ncontract Token {\n address public immutable owner;\n mapping(address => uint256) public tokenBalance;\n\n event Transfer(address indexed from, address indexed to, uint256 value);\n event TokensMinted(address indexed to, uint256 amount);\n\n error NotEnoughTokens(uint256 requested, uint256 balance);\n error NotAuthorized(address caller);\n\n constructor() {\n owner = msg.sender;\n }\n\n modifier onlyOwner() {\n if (msg.sender != owner) {\n revert NotAuthorized(msg.sender);\n }\n _;\n }\n\n function mintTokens(address recipient, uint256 amount) external onlyOwner {\n tokenBalance[recipient] += amount;\n emit TokensMinted(recipient, amount);\n }\n\n function transfer(address to, uint256 amount) external {\n if (tokenBalance[msg.sender] < amount) {\n revert NotEnoughTokens(amount, tokenBalance[msg.sender]);\n }\n\n tokenBalance[msg.sender] -= amount;\n tokenBalance[to] += amount;\n\n emit Transfer(msg.sender, to, amount);\n }\n\n function transferWithBytes(bytes calldata data) external {\n (address to, uint256 amount) = abi.decode(data, (address, uint256));\n if (tokenBalance[msg.sender] < amount) {\n revert NotEnoughTokens(amount, tokenBalance[msg.sender]);\n }\n tokenBalance[msg.sender] -= amount;\n tokenBalance[to] += amount;\n emit Transfer(msg.sender, to, amount);\n }\n\n function getBalance(address account) external view returns (uint256) {\n return tokenBalance[account];\n }\n}<\/code><\/pre>\ntest_token_fuzz.py<\/p>\n
from wake.testing import *\nfrom collections import defaultdict\nfrom wake.testing.fuzzing import *\n\nfrom pytypes.contracts.Token import Token\n\nimport logging\nlogger = logging.getLogger(__name__)\nlogger.setLevel(logging.INFO)\n\n# Print failing tx call trace\ndef revert_handler(e: RevertError):\n if e.tx is not None:\n print(e.tx.call_trace)\nclass TokenFuzz(FuzzTest):\n\n token_owner: Account\n token: Token\n token_balances: dict[Account, int]\n\n def pre_sequence(self):\n self.token_owner = random_account()\n self.token = Token.deploy(from_=self.token_owner)\n self.token_balances = defaultdict(int)\n\n @flow()\n def flow_mint_tokens(self):\n ## prepare random input\n recipient = random_account() # or list(chain.accounts) + [self.token]\n amount = random_int(0, 10**30)\n actor = random_account()\n\n ## run transaction\n with may_revert() as e:\n tx = self.token.mintTokens(recipient.address, amount, from_=actor)\n if e.value is not None:\n if actor != self.token_owner:\n assert e.value == Token.NotAuthorized(actor.address)\n return "Not authorized"\n assert False\n\n ## check events\n events = [e for e in tx.events if isinstance(e, Token.TokensMinted)]\n assert len(events) == 1\n assert events[0].to == recipient.address\n assert events[0].amount == amount\n\n ## update python state\n self.token_balances[recipient] += amount\n\n logger.info(f"Minted {amount} tokens to {recipient.address}")\n\n @flow()\n def flow_transfer_tokens(self):\n recipient = random_account()\n amount = random_int(0, 10**30)\n actor = random_account()\n with may_revert() as e:\n tx = self.token.transfer(recipient.address, amount, from_=actor)\n\n if e.value is not None:\n if self.token_balances[actor] < amount:\n assert e.value == Token.NotEnoughTokens(amount, self.token_balances[actor])\n return "Not enough tokens"\n assert False\n\n events = [e for e in tx.events if isinstance(e, Token.Transfer)]\n assert len(events) == 1\n assert events[0].from_ == actor.address\n assert events[0].to == recipient.address\n assert events[0].value == amount\n\n self.token_balances[recipient] += amount\n self.token_balances[actor] -= amount\n\n logger.info(f"Transferred {amount} tokens from {actor.address} to {recipient.address}")\n\n\n @flow()\n def flow_transfer_tokens_with_bytes(self):\n recipient = random_account()\n amount = random_int(0, 10**30)\n actor = random_account()\n with may_revert() as e:\n tx = self.token.transferWithBytes(abi.encode(recipient.address, uint256(amount)), from_=actor)\n if e.value is not None:\n if self.token_balances[actor] < amount:\n assert e.value == Token.NotEnoughTokens(amount, self.token_balances[actor])\n return "Not enough tokens"\n assert False\n\n events = [e for e in tx.events if isinstance(e, Token.Transfer)]\n assert len(events) == 1\n assert events[0].from_ == actor.address\n assert events[0].to == recipient.address\n assert events[0].value == amount\n\n self.token_balances[recipient] += amount\n self.token_balances[actor] -= amount\n\n logger.info(f"Transferred {amount} tokens from {actor.address} to {recipient.address}")\n\n @invariant()\n def invariant_token_balances(self):\n for account in list(self.token_balances.keys()) + [self.token]:\n assert self.token.getBalance(account.address) == self.token_balances[account]\n\n\n @invariant()\n def invariant_token_owner(self):\n assert self.token.owner() == self.token_owner.address\n\n\n\n@chain.connect()\ndef test_default():\n TokenFuzz.run(sequences_count=10, flows_count=10000)<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"Introduction Manually guided fuzzing (MGF) is a testing methodology that finds critical vulnerabilities by systematically testing smart contract behavior through guided test scenarios. Unlike traditional fuzzing that relies on randomness alone, MGF allows developers to define specific test flows and invariants, providing more targeted and effective vulnerability detection. Learn MGF to strengthen your smart contract security. Comprehensive documentation: Wake Testing Framework –…<\/p>\n","protected":false},"author":24,"featured_media":755,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[61,10,63,103],"tags":[87,156,88,28,102,104],"class_list":["post-1137","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education","category-ethereum","category-tutorial","category-wake","tag-education","tag-fuzz-testing","tag-how-to","tag-smart-contract","tag-tutorial","tag-wake"],"aioseo_notices":[],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2024\/06\/4-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2024\/06\/4-600x600.png","author_info":{"display_name":"Naoki Yoshida","author_link":"https:\/\/ackee.xyz\/blog\/author\/naoki-yoshida\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/1137","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=1137"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/1137\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/755"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=1137"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=1137"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=1137"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2025\/09\/mgf_lifecycle-e1757340582484.png\")
<\/p>\n