Command and Options
Once you are in the directory where the magic_mirror executable is located, you can find the help message using the following commands.
Modes
MagicMirror can fuzz contracts in two modes, either by fuzzing one.sol contract file, or a batch of .sol contract files in a directory.
$ ./magic_mirror --help
Usage: magic_mirror [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
batch-mode
single-file-modeSingle File Mode
The following help message shows what configurations can be customized for single-file-mode.
$ ./magic_mirror single-file-mode --help
Usage: magic_mirror single-file-mode [OPTIONS]
Options:
--contract_dir TEXT Directory to contract file. [required]
--contract_name TEXT Name of contract to be fuzzed within the
contract file. If not provided, all fully
implemented contracts within the file that
are not inherited by other contracts will be
fuzzed.
--solc_version TEXT Solidity compiler version to be used. If not
provided, auto compiler version detection
will be used. E.g. "0.4.24"
--solc_path TEXT If we do not have the specific compiler
version you need, you can provide the path
to your own solc compiler to be used
instead.
--output_dir TEXT Location where reports will be stored. If
not set, default output location will be
./report
--num_of_accounts INTEGER Number of wallet accounts to use for
fuzzing, default 2.
--num_of_attacking_contracts INTEGER
Number of attacker contracts to deploy for
fuzzing target contract, default 2.
--exploration_depth INTEGER The maximum transaction sequence length to
explore before restart fuzzing from
constructor. When not provided, the default
is 2 times the number of public functions in
the contract.
--exploration_width INTEGER The number of times to fuzz a set of
contract states at a given depth level, the
default is 2 times the exploration_depth.
--timeout INTEGER Fuzzing timeout in minutes, default 10
minutes. E.g. "60".
--max_times_per_function INTEGER
The maximum number of times a function can
be fuzzed. E.g. "100", default is no limit.
--ct_strength INTEGER Combinatorial testing t-way test strength,
default "2".
--disable_ct Disable combinatorial testing, combinatorial
testing is enabled by default.
--using_dependency_guided_state_exploration
By default, we explore the state space
randomly, when enabled, we try to utilize
function dependency based on state variable
read/write to guide fuzzing. When enabled,
exploration depth and width no longer
applies. This is an experimental feature,
may not be necessarily better than default
random state exploration.
--verbose When enabled, a log file containing
execution logs will be saved as output.
--help Show this message and exit.Batch Mode
MagicMirror takes the path to a directory as input, and fuzzes all .sol contract files stored within it. Some options that were available insingle-file-mode are not customizable in batch-mode because such options often cannot be applied across all contracts in the batch, i.e. --contract_name --solc_version --solc_path.
$ ./magic_mirror batch-mode --help
Usage: magic_mirror batch-mode [OPTIONS]
Options:
--folder_dir TEXT Directory to folder containing contracts to
be fuzzed. [required]
--output_dir TEXT Location where reports will be stored. If
not set, default output location will be
./report
--num_of_accounts INTEGER Number of wallet accounts to use for
fuzzing, default 2.
--num_of_attacking_contracts INTEGER
Number of attacker contracts to deploy for
fuzzing target contract, default 2.
--exploration_depth INTEGER The maximum transaction sequence length to
explore before restart fuzzing from
constructor. When not provided, the default
is 2 times the number of public functions in
the contract.
--exploration_width INTEGER The number of times to fuzz a set of
contract states at a given depth level, the
default is 2 times the exploration_depth.
--timeout INTEGER Fuzzing timeout per contract in minutes,
default 10 minutes. E.g. "60"
--max_times_per_function INTEGER
The maximum number of times a function can
be fuzzed, excluding combinatorial test
cases. E.g. "100", default is no limit.
--ct_strength INTEGER Combinatorial testing t-way test strength,
default "2".
--disable_ct Disable combinatorial testing, default
enabled.
--using_dependency_guided_state_exploration
By default, we explore the state space
randomly, when enabled, we try to utilize
function dependency based on state variable
read/write to guide fuzzing. When enabled,
exploration depth and width no longer
applies.
--verbose When verbose is enabled, a log file
containing execution logs will be saved as
output.
--help Show this message and exit.Look and Feel
Last updated
