ERCx

Property testing for ERC tokens

The Ethereum community has introduced various ERC (Ethereum Request for Comments) token standards, such as ERC-20, ERC-721, and ERC-1155. These standards cater to different types of applications within the ecosystem. They are technical documents that outline crucial aspects of a contract, such as transfer management and delegation. Developers creating and deploying smart contracts in the Ethereum ecosystem should follow these guidelines as they provide a reference during development.

However, how can we be sure these contracts adhere to the standards? Given the permissionless nature of blockchains, anyone can write and deploy smart contracts. Yet, these contracts can be susceptible to attacks, particularly in the DeFi space, like the notorious DAO attack.

ERCx aims to address these uncertainties. It's a platform offering token investors, developers, and auditors reliable and independent information on token properties.

Why use ERCx?

ERCx checks a contract's conformance to the ERC (Ethereum Request for Comments) standards. These standards apply to different types of tokens, whether fungible or not. They outline the key aspects of a contract, such as transfer management and delegation. Contract developers should aim to adhere to ERC standards, as they offer a useful reference during development.

Benefits

Conformance to the relevant ERC standard is a reliable indicator of contract quality. While conformance doesn't guarantee quality, non-conformance highlights potential issues. However, conformance alone isn't enough. It's crucial to adhere to other important properties since neglecting these can lead to problems. ERCx assists the Ethereum community by offering the following advantages:

  • If you're a Contract Developer:

    ERCx reviews conformance before deployment provides a preliminary check, and indicates if important properties are satisfied.

  • If you're a Token Investor:

    It's crucial to avoid non-conformant contracts. ERCx assists token platforms by swiftly evaluating the quality of certain tokens.

  • If you're a Contract or Token Auditor

    ERCx gives an initial assessment of the standard, enabling expert review to concentrate on other potential issues.

How does ERCx work?

To verify a given contract, ERCx utilizes property tests. For the contract under test (CUT), we generate a tailored test suite, comprising various test cases. Each case tests a specific property as defined by the relevant ERC standard. Our test suite is built upon:

  1. Property-based test cases that accurately assess the expected behavior and provide user feedback when errors occur. These tests can also be customized based on user requirements.

  2. The Foundry testing framework is a reliable and straightforward tool that developers and auditors frequently use.

By running the ERCx test suite against a CUT, we obtain a comprehensive and precise evaluation of the CUT's compliance or non-compliance. Passing (or failing) tests signify that the contract adheres to (or violates) the corresponding property. For failed tests, we reference the ERC standard to suggest necessary fixes. In summary, ERCx takes a contract description as input (which could be the source code, deployment address, or bytecode of the contract), generates and executes the tests, and ultimately produces a compliance report.

Caution / Disclaimer

ERCx concentrates on the technical aspects of a token. It employs specific testing over a finite set of input values, which does not encompass all possible inputs. Importantly, the findings presented are not financial analyses and should never be interpreted as financial advice. The evaluations conducted by ERCx do not equate to an audit.

Last updated