[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-deep-evm-19-zhinen-heyue-jiyushuxing-ceshi-mohu":3},{"article":4,"author":60},{"id":5,"category_id":6,"title":7,"slug":8,"excerpt":9,"content_md":10,"content_html":11,"locale":12,"author_id":13,"published":14,"published_at":15,"meta_title":16,"meta_description":17,"focus_keyword":18,"og_image":19,"canonical_url":19,"robots_meta":20,"created_at":15,"updated_at":15,"tags":21,"category_name":39,"related_articles":40},"d3000000-0000-0000-0000-000000000119","a0000000-0000-0000-0000-000000000032","Deep EVM #19：智能合约的基于属性测试——Foundry模糊测试","deep-evm-19-zhinen-heyue-jiyushuxing-ceshi-mohu","使用Foundry为智能合约实施基于属性的测试和模糊测试，发现传统单元测试遗漏的边界情况。","## 什么是基于属性的测试\n\n传统单元测试验证特定输入的特定输出。基于属性的测试定义不变量（应始终为真的属性），然后让模糊测试器生成数千个随机输入来尝试违反这些不变量。\n\n## Foundry模糊测试\n\nFoundry内置强大的模糊测试器。任何接受参数的测试函数自动成为模糊测试：\n\n```solidity\n\u002F\u002F Foundry会用随机值调用此函数数千次\nfunction testInvariant_TotalSupplyNeverDecreases(\n    address from,\n    address to,\n    uint256 amount\n) public {\n    uint256 supplyBefore = token.totalSupply();\n    \u002F\u002F ... 执行操作 ...\n    assertGe(token.totalSupply(), supplyBefore);\n}\n```\n\n## 不变量测试\n\nFoundry的不变量测试在每次操作后验证全局属性：\n\n```solidity\nfunction invariant_SumOfBalancesEqualsTotalSupply() public {\n    uint256 sum = 0;\n    for (uint i = 0; i \u003C holders.length; i++) {\n        sum += token.balanceOf(holders[i]);\n    }\n    assertEq(sum, token.totalSupply());\n}\n```\n\n## 实际发现的Bug\n\n模糊测试经常发现手动测试遗漏的问题：\n- 整数边界条件\n- 零值处理\n- 特殊地址（零地址、合约自身地址）\n- 大额转账的舍入误差\n\n## 总结\n\n基于属性的测试是智能合约安全的核心工具。它能自动发现你无法想象的边界情况，是传统单元测试的有力补充。","\u003Ch2 id=\"\">什么是基于属性的测试\u003C\u002Fh2>\n\u003Cp>传统单元测试验证特定输入的特定输出。基于属性的测试定义不变量（应始终为真的属性），然后让模糊测试器生成数千个随机输入来尝试违反这些不变量。\u003C\u002Fp>\n\u003Ch2 id=\"foundry\">Foundry模糊测试\u003C\u002Fh2>\n\u003Cp>Foundry内置强大的模糊测试器。任何接受参数的测试函数自动成为模糊测试：\u003C\u002Fp>\n\u003Cpre>\u003Ccode class=\"language-solidity\">\u002F\u002F Foundry会用随机值调用此函数数千次\nfunction testInvariant_TotalSupplyNeverDecreases(\n    address from,\n    address to,\n    uint256 amount\n) public {\n    uint256 supplyBefore = token.totalSupply();\n    \u002F\u002F ... 执行操作 ...\n    assertGe(token.totalSupply(), supplyBefore);\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch2 id=\"\">不变量测试\u003C\u002Fh2>\n\u003Cp>Foundry的不变量测试在每次操作后验证全局属性：\u003C\u002Fp>\n\u003Cpre>\u003Ccode class=\"language-solidity\">function invariant_SumOfBalancesEqualsTotalSupply() public {\n    uint256 sum = 0;\n    for (uint i = 0; i &lt; holders.length; i++) {\n        sum += token.balanceOf(holders[i]);\n    }\n    assertEq(sum, token.totalSupply());\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch2 id=\"bug\">实际发现的Bug\u003C\u002Fh2>\n\u003Cp>模糊测试经常发现手动测试遗漏的问题：\u003C\u002Fp>\n\u003Cul>\n\u003Cli>整数边界条件\u003C\u002Fli>\n\u003Cli>零值处理\u003C\u002Fli>\n\u003Cli>特殊地址（零地址、合约自身地址）\u003C\u002Fli>\n\u003Cli>大额转账的舍入误差\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch2 id=\"\">总结\u003C\u002Fh2>\n\u003Cp>基于属性的测试是智能合约安全的核心工具。它能自动发现你无法想象的边界情况，是传统单元测试的有力补充。\u003C\u002Fp>\n","zh","b0000000-0000-0000-0000-000000000001",true,"2026-03-28T10:44:26.296508Z","智能合约的基于属性测试——Foundry模糊测试","使用Foundry模糊测试为智能合约实施基于属性的测试，发现传统测试遗漏的边界情况。","基于属性测试 模糊测试",null,"index, follow",[22,27,31,35],{"id":23,"name":24,"slug":25,"created_at":26},"c0000000-0000-0000-0000-000000000016","EVM","evm","2026-03-28T10:44:21.513630Z",{"id":28,"name":29,"slug":30,"created_at":26},"c0000000-0000-0000-0000-000000000021","Foundry","foundry",{"id":32,"name":33,"slug":34,"created_at":26},"c0000000-0000-0000-0000-000000000013","Security","security",{"id":36,"name":37,"slug":38,"created_at":26},"c0000000-0000-0000-0000-000000000018","Yul","yul","区块链",[41,48,54],{"id":42,"title":43,"slug":44,"excerpt":45,"locale":12,"category_name":46,"published_at":47},"d0000000-0000-0000-0000-000000000668","为什么Bali在2026年正在成为东南亚的影响力科技中心","weishenme-bali-2026-zhengzai-chengwei-dongnanya-yingxiangli-keji-zhongxin","Bali在东南亚创业生态系统中排名第16位。随着Web3构建者、AI可持续发展初创公司和生态旅游科技公司的集中，该岛正在打造区域影响力科技之都的独特定位。","工程","2026-03-28T10:44:48.898750Z",{"id":49,"title":50,"slug":51,"excerpt":52,"locale":12,"category_name":46,"published_at":53},"d0000000-0000-0000-0000-000000000667","ASEAN数据保护拼图：开发者合规清单","asean-shuju-baohu-pintu-kaifazhe-heguiqingdan","七个ASEAN国家现已拥有全面的数据保护法律，各自具有不同的同意模型、本地化要求和处罚结构。这是一份为构建多国应用程序的开发者准备的实用合规清单。","2026-03-28T10:44:48.893467Z",{"id":55,"title":56,"slug":57,"excerpt":58,"locale":12,"category_name":46,"published_at":59},"d0000000-0000-0000-0000-000000000666","Indonesia 290亿美元数字化转型：软件公司的机遇","indonesia-290yi-meiyuan-shuzihua-zhuanxing-ruanjian-gongsi-jiyu","Indonesia IT服务市场预计在2026年达到290.3亿美元，高于2025年的243.7亿美元。云基础设施、AI、电子商务和数据中心正在推动东南亚最快的增长。","2026-03-28T10:44:48.875457Z",{"id":13,"name":61,"slug":62,"bio":63,"photo_url":19,"linkedin":19,"role":64,"created_at":65,"updated_at":65},"Open Soft Team","open-soft-team","The engineering team at Open Soft, building premium software solutions from Bali, Indonesia.","Engineering Team","2026-03-28T08:31:22.226811Z"]