Ackee-Blockchain/wake

Wake

The fastest fuzzing and testing framework for Solidity, written in Python. Wake helps you write safer smart contracts, faster.

Built by Ackee Blockchain Security — trusted auditors of Lido, Safe, and Axelar.

🚀 Why Wake?

Testing Solidity is hard. Unit tests only go so far, and hidden bugs surface under real-world transaction flows. Wake fills the gap with:

  • Blazing-fast execution — Python-native types and pytest integration
  • Built-in fuzzing & vulnerability detectors — catch reentrancy, overflows, and logic flaws early
  • Seamless developer experience — VS Code extension, GitHub Actions, solc manager
  • Cross-chain testing — works with Anvil, Hardhat, and Ganache

✨ Features and benefits

  • Testing framework based on pytest — write clean, simple tests with familiar tooling
  • Property-based fuzzer — automatically generate diverse inputs to uncover hidden bugs faster
  • Deployments & mainnet interactions — test contracts in realistic environments before going live
  • Vulnerability and code quality detectors — detect reentrancy, overflows, and bad patterns early in development
  • Printers for extracting useful information from Solidity code — gain insights into contract structures and flows
  • Static analysis framework for custom detectors and printers — extend Wake with project-specific rules
  • GitHub Actions for setting up Wake and running detectors — integrate seamlessly into CI/CD pipelines
  • Language server (LSP) — get autocompletion, hints, and references inside your IDE
  • VS Code extension (Tools for Solidity) — instant feedback while writing Solidity code
  • Solc version manager — manage compiler versions with ease for consistent builds

📊 Wake vs other tools

[Image: Wake vs other tools]


Dependencies

  • Python (version 3.8 or higher)
  • Rosetta must be enabled on Apple Silicon Macs

Installation

via pip

pip3 install eth-wake

Discovered vulnerabilities

| Vulnerability | Severity | Project | Method | Discovered by | Resources |
|---|---|---|---|---|---|
| Profit & loss accounted twice | Critical | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Loan refinancing reentrancy | Critical | PWN | Detector | Ackee Blockchain | Report |
| Incorrect optimization in loan refinancing | Critical | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Console permanent denial of service | High | Brahma | Fuzz test | Ackee Blockchain | Report |
| Swap unwinding formula error | High | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Swap unwinding fee accounted twice | High | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Incorrect event data | High | Solady | Integration test | Ackee Blockchain | Report, Wake tests |
| INTEREST_FROM_STRATEGY_BELOW_ZERO reverts DoS | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Inaccurate hypothetical interest formula | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Swap unwinding fee normalization error | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Liquidation deposits accounted into LP balance | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Missing receive function | Medium | Axelar | Fuzz test | Ackee Blockchain | Wake tests |
| SafeERC20 not used for approve | Medium | Lido | Fuzz test | Ackee Blockchain | Wake tests |
| Non-optimistic vetting & unbonded keys bad accounting | Medium | Lido | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Chainlink common denominator bad logic | Medium | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Outdated/reverting Chainlink feed causes DoS | Medium | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Incorrect EIP-712 typehash | Medium | PWN | Detector | Ackee Blockchain | Report |
| Incorrect EIP-712 data encoding | Medium | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |

Features in-depth

🔍 Fuzzer

Wake’s fuzzer builds on top of the testing framework and allows efficient fuzz testing of Solidity smart contracts.

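from wake.testing import *
from wake.testing.fuzzing import *
from pytypes.contracts.Counter import Counter

class CounterTest(FuzzTest):
    def pre_sequence(self) -> None:
        # Runs at the start of every sequence: fresh contract, fresh Python model.
        self.counter = Counter.deploy()
        self.count = 0

    @flow()
    def increment(self) -> None:
        self.counter.increment()
        self.count += 1

    @flow()
    def decrement(self) -> None:
        # An underflow panic is tolerated here; any other revert fails the test.
        with may_revert(PanicCodeEnum.UNDERFLOW_OVERFLOW) as e:
            self.counter.decrement()

        if e.value is not None:
            # The contract reverted, so the model must have been at zero.
            assert self.count == 0
        else:
            self.count -= 1

    # Named invariant_count so that the self.count attribute set in
    # pre_sequence does not shadow this method on the instance.
    @invariant(period=10)
    def invariant_count(self) -> None:
        assert self.counter.count() == self.count

@chain.connect()
def test_counter():
    CounterTest().run(sequences_count=30, flows_count=100)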
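A plain-Python model of the loop the test above drives, added here as an illustration; it is not Wake's implementation and not code from the project. `fuzz`, `Failure`, `Revert`, `UncheckedCounter` and the in-memory `Counter` stand-in are hypothetical names, and the sketch assumes that each sequence starts from a fresh state, flows are picked at random, and the invariant is evaluated every `period` flows.

```python
import random
from collections import namedtuple

Failure = namedtuple("Failure", "sequence trace contract model")

class Revert(Exception):
    """Stands in for a Solidity panic/revert."""

class Counter:
    """Constructed stand-in for the Solidity Counter (checked arithmetic)."""
    def __init__(self) -> None:
        self.count = 0
    def increment(self) -> None:
        self.count += 1
    def decrement(self) -> None:
        if self.count == 0:
            raise Revert("underflow")
        self.count -= 1

class UncheckedCounter(Counter):
    """Constructed bug: decrement wraps around as in an `unchecked` block."""
    def decrement(self) -> None:
        self.count = (self.count - 1) % 2**256

def fuzz(contract_cls, sequences_count, flows_count, period, seed):
    """Return the first Failure found, or None if every check passed."""
    rng = random.Random(seed)  # fixed seed, so a failing trace can be replayed
    for seq in range(sequences_count):
        contract, model, trace = contract_cls(), 0, []  # the pre_sequence step
        for i in range(1, flows_count + 1):
            flow = rng.choice(("increment", "decrement"))
            trace.append(flow)
            if flow == "increment":
                contract.increment()
                model += 1
            else:
                try:
                    contract.decrement()
                    model -= 1
                except Revert:
                    # A revert is only legitimate when the model is at zero.
                    if model != 0:
                        return Failure(seq, trace, contract.count, model)
            if i % period == 0 and contract.count != model:  # the invariant
                return Failure(seq, trace, contract.count, model)
    return None
```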

🛠 Detectors and printers

All vulnerability & code quality detectors can be run using:

wake detect all

Run a specific detector:

wake detect <detector-name>

See the documentation for a full list of detectors.

Run a printer:

wake print <printer-name>

See the documentation for a full list of printers.

For custom detectors & printers, check the getting started guide and repos for wake_detectors and wake_printers.


🖥 LSP Server

Wake implements an LSP server for Solidity. Run it with:

wake lsp

Or specify a port (default 65432):

wake lsp --port 1234

See all features in the documentation.


📚 Documentation, contribution and community


📜 License

This project is licensed under the ISC license.


🤝 Partners

RockawayX Coinbase
