Trident#
Rust-based Fuzzing framework for Solana programs to help you ship secure code.
-
Getting Started
Install the Trident Fuzz Testing Framework
-
Start Fuzzing
Focus on security and start fuzzing immediatelly
-
Check the GitHub for unreleased features
Check our GitHub repository to see the unreleased features
-
Trident by Examples
Try the Fuzzing Examples
What is Fuzzing ?#
"Fuzz testing is an automated technique that provides generated random, invalid, or unexpected input data to your program. This helps discover unknown bugs and vulnerabilities, potentially preventing zero-day exploits."
Trident equips developers with tools to efficiently develop fuzz tests for Anchor-based programs. It streamlines the fuzz testing process through automation and comprehensive support
-
Trident Workflow
- Automatically parses Anchor-based programs to generate necessary implementations for deserializing instruction accounts.
- Generates templates for developers to customize according to the specific needs of their fuzz test scenarios.
- Offers derive macros to effortlessly implement required traits, reducing manual coding efforts.
- Includes a bank client and helper functions for simplified account management during testing.
- Provides a Command-Line Interface (CLI) for executing and debugging fuzz tests with ease.
-
Trident Capabilities
- Execution Order of Instructions: Test different sequences and their effects on the program to uncover sequence-related vulnerabilities.
- Instruction Parameters: Identify how variations in inputs influence program behavior, testing for robustness against a wide range of data.
- Instruction Accounts: Explore the impact of different account states on the software's functionality, ensuring comprehensive account testing.
- Comprehensive Testing: Conduct thorough and effective fuzz testing by combining any of the above aspects.