Hacken, a leading cybersecurity provider, introduces the code coverage generating tool for WebAssembly (Wasm)-based protocols. It helps to ensure that the whole codebase gets tested, ultimately fortifying its security and reliability. For context, Wasm is the second most popular option for smart contracts after the Ethereum Virtual Machine (EVM), but it doesn’t offer native code coverage utility
Automatic testing is a cornerstone of software development. However, this assurance is only complete when complemented by robust Code Coverage utilities such as Istanbul.js, LLVM-cov, or Solidity-Coverage. Software testing without code coverage analysis fails to ascertain the thoroughness of code examination. This lack of assurance regarding the extent of code ution can leave critical components untested, heightening the risk of undetected defects. While it is available for Ethereum-based projects, Wasm-based protocols dont have an option to check test coverage. It may lead to critical security gaps even after all the security best practices are followed.
The solution developed by Hacken’s top researchers Noah Jelich and Bartosz Barwikowski is an open-source Rust library called Wasmcov that leverages low-level LLVM functionality, overcoming limitations in current coverage support for Wasm compilation. The result is a powerful tool that allows coverage measurement directly on the target , eliminating discrepancies between host and target environments.
The solution is already integrated into the Radix eco, which enables all Radix-built projects to utilize code coverage measurement. The next protocol to get Wasmcov integrated will be NEAR. Projects that are built on other Wasm-based protocols can set up Wasmcov manually following the documentation. The libraries and set-up guidelines are available on Hackens Github repository
“In the current industry landscape, WASM code coverage is limited to typical compilation targets, rather than encompassing the specific ution environments. You could run tests on the real runtime, but it took manual cumbersome work to check their coverage, and could potentially lead to missing vulnerabilities But now, things are shifting. We’re introducing more robust tooling for Wasm, aiming to streamline and secure the process”
– Noah Jelich, Wasmcov Co-Creator, and Hacken Security Researcher
Hacken’s solution is poised to transform the landscape of code testing for WebAssembly-based projects, enabling developers to automate test coverage, ensure code quality, and guarantee compatibility with specific target configurations
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
