Testing ERC Tokens at Scale — Approaches, foundations, mutation testing, and analytics
Tokens on Ethereum — fungible (ERC-20), NFTs (ERC-721), vaults (ERC-4626), multi-asset (ERC-1155) — are defined by ERC standards that wallets, decentralised exchanges, and decentralised finance (DeFi) protocols rely on to interoperate. But these standards are unenforced social contracts: of the 210k+ ERC-20 contracts deployed, a significant fraction violate MUST clauses or deviate silently from SHOULD clauses, with consequences ranging from broken interoperability (e.g. fee-on-transfer tokens silently violating the invariants downstream protocols depend on) to exploitable security gaps (e.g. the approve race condition).
We propose a framework for ERC token conformance in which EIP clauses are cast as Hoare triples and discharged by fuzz testing (using the Foundry framework), stratified into levels that separate genuine bugs from legitimate behavioural deviations. We then apply mutation testing to the suite itself on an audited reference implementation: surviving mutants surface five missed properties, and a correlation-based test minimisation halves runtime while preserving detection on real buggy contracts. At ecosystem scale, verdict fingerprints collapse top-tier tokens into a handful of behavioural classes — turning the suite into a sensor on the wild, not just a per-contract verdict.
Tue 30 JunDisplayed time zone: Brussels, Copenhagen, Madrid, Paris change
14:00 - 15:30 | |||
14:00 60mKeynote | Testing ERC Tokens at Scale — Approaches, foundations, mutation testing, and analytics VORTEX | ||
15:00 25mTalk | RV-TEE for Post-Quantum Digital Signatures: Trustworthy Dilithium Deployment VORTEX | ||
