Test Case Generation for Ethereum Smart Contracts Based on Cross-Contract Data Flow Analysis

Smart contracts manage numerous digital assets, their security requirements are particularly prominent. Testing is an effective way to ensure the reliability of smart contracts. Current test case generation methods do not consider the impact of state variables and cross-contract calls on constraint conditions, leading to low test coverage for cross-contracts. In this regard, we propose a Cross-contract Data flow Analysis based Test case Generation (CDA-TG) method for Ethereum smart contracts. First, for each function in the target contract, CDA-TG generates its invocation sequence based on the principle of prioritizing functions that define or modify state variables. Then, for each parameter, CDA-TG performs cross-contract data flow analysis on the target contract, extracting the hard-coded values to build its parameter input pool. On this basis, CDA-TG applies the function invocation sequences to generate an initial set of test cases, where the value of each parameter is selected randomly from its parameter input pool. Finally, to further improve the branch coverage, CDA-TG applies the multiobjective sorting algorithm DynaMOSA to optimize the initial test cases. Our empirical study on 66 real smart contracts verified that CDA-TG can significantly improve the branch coverage of smart contracts, with a 8.86% improvement compared to the state-of-the-art test case generation method AGSolT in cross-contract scenario.