ERCx Overview
Property testing for ERC tokens
Last updated
Property testing for ERC tokens
Last updated
The Ethereum community has come up with different ERC (i.e., Ethereum Request for Comments) token standards (e.g., ERC-20, ERC-721, and ERC-1155) based on the different types of applications in the ecosystem. These are technical documents that specify essential aspects of a contract (management of transfers, delegation, etc.) for developers to adhere to when creating and deploying smart contracts in the Ethereum ecosystem. Contract developers should strive to follow the guidelines of ERC standards as they provide a reference frame during development.
But how confident can we be in the behavior of these contracts? Do they follow the standards? With the permissionless nature of blockchains, anyone can write and deploy smart contracts in blockchain ecosystems. However, smart contracts can be vulnerable to attacks especially in the DeFi space, e.g., the infamous DAO attack.
ERCx addresses these questions. ERCx is a platform that provides token investors, developers and auditors with independent and reliable information on the token properties. The rest of this page details this ambition and vision.
ERCx checks the conformance of a contract to ERC (Ethereum Request for Comments) standards. ERC standards exist for various sorts of tokens, fungible or not. ERC standards specify essential aspects of a contract (management of transfers, delegation, etc.). Contract developers should strive to follow the guidelines of ERC standards as they provide a reference frame during development.
Conformance to the related ERC standard is a good indicator of the quality of a contract. While conformance does not constitute quality assurance, non-conformance indicates that something is wrong. But conformance does not suffice, important desirable properties should be respected as history showed that not respecting these leads to problems. ERCx aims at helping the Ethereum community by providing the following benefits to:
Contract Developers
ERCx not only checks conformance before deployment (hence providing a sanity check) but also indicates satisfaction of important properties.
Token Investors
Non-conformant contracts should be avoided at all costs. For token platforms, ERCx helps quickly assess the quality of some tokens.
Contract/Token Auditors
ERCx provides a first round of assessment about the standard, allowing the expert review to focus on other potential bugs.
To check a given contract, ERCx uses property tests: for the contract under test (cut), we generate a tailored test suite, which is a collection of test cases. Each test case exercises one property prescribed by the underlying ERC standard. Our test suite relies on:
property-based test cases that precisely test the expected behavior and provide user feedback in case of errors; our tests can also be tailored to users' needs, and
the Foundry testing framework, a reliable and easy-to-setup tool that is widely used by developers and auditors.
By executing the ERCx test suite against a cut, we obtain a complete and precise diagnosis of the cut non-conformance or a conformance check. Passing (resp. failing) tests indicate that the contract respects (resp. violates) the associated property. For failing tests, we refer to the ERC standard, thus suggesting the required fixes. Overall, ERCx takes as input some contract description (which can be the source code, the deployment address or the bytecode, of the contract), generates and executes the tests, and finally produces a conformance report.
ERCx concentrates on the technical aspects of a token. It employs specific testing over a finite set of input values, which does not encompass all possible inputs. Importantly, the findings presented are not financial analyses and should never be interpreted as financial advice. The evaluations conducted by ERCx do not equate to an audit.
