Quick Security Test Snippet

1. Hardhat Unit Test Example

const { expect } = require("chai");
const { ethers } = require("hardhat");

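/**
 * Access-control and balance-accounting checks for the "MyToken" contract.
 *
 * Each test runs against a freshly deployed instance, so state written by
 * one test cannot leak into another.
 */
describe("VSC Token Contract Security Tests", function () {
  let Token;
  let token;
  let owner;
  let addr1;

  beforeEach(async function () {
    // Hardhat deploys with the first signer unless told otherwise, so `owner`
    // is the deployer. Presumably MyToken makes its deployer the owner;
    // confirm against the contract's constructor.
    [owner, addr1] = await ethers.getSigners();
    Token = await ethers.getContractFactory("MyToken");
    token = await Token.deploy();
    // NOTE(review): `deployed()` is the ethers v5 API; with ethers v6 the
    // equivalent wait is `waitForDeployment()`.
    await token.deployed();
  });

  it("Should allow owner to mint tokens", async function () {
    // Called through the default signer (the deployer).
    await token.mint(addr1.address, 1000);
    expect(await token.balanceOf(addr1.address)).to.equal(1000);
  });

  it("Should prevent non-owners from minting", async function () {
    const balanceBefore = await token.balanceOf(addr1.address);

    // NOTE(review): this reason string is the one OpenZeppelin Ownable 4.x
    // emits. Ownable 5.x reverts with the custom error
    // OwnableUnauthorizedAccount instead, which needs
    // `revertedWithCustomError`; check which version MyToken inherits.
    await expect(
      token.connect(addr1).mint(addr1.address, 1000)
    ).to.be.revertedWith("Ownable: caller is not the owner");

    // A rejected mint must leave the would-be recipient's balance untouched.
    expect(await token.balanceOf(addr1.address)).to.equal(balanceBefore);
  });

  it("Should handle transfers safely", async function () {
    await token.mint(owner.address, 1000);

    // Check both sides of the transfer: a token that credits the recipient
    // without debiting the sender would pass a recipient-only assertion.
    await expect(() =>
      token.transfer(addr1.address, 500)
    ).to.changeTokenBalances(token, [owner, addr1], [-500, 500]);

    expect(await token.balanceOf(addr1.address)).to.equal(500);
  });
});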


2. Foundry Fuzz Test Example

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "forge-std/Test.sol";
import "../src/MyToken.sol";

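/// @notice Foundry tests for MyToken: a fuzzed mint-then-transfer round trip
///         and an access-control check on mint.
/// @dev setUp deploys MyToken from this contract, so address(this) is the
///      deployer. The tests assume the deployer is allowed to mint; confirm
///      against MyToken's constructor.
contract MyTokenTest is Test {
    MyToken token;

    /// @notice Deploys a fresh MyToken before every test.
    function setUp() public {
        token = new MyToken();
    }

    /// @notice Mints `amount` to this contract, transfers all of it, and
    ///         checks both the recipient's and the sender's balance.
    /// @param amount Fuzzed transfer size, clamped to [0, 1e18).
    function testFuzz_Transfer(uint256 amount) public {
        // bound() maps every fuzz input into the range. vm.assume() would
        // discard almost all uint256 inputs here and can exhaust the fuzzer's
        // rejection budget. The cap only keeps amounts small; Solidity 0.8
        // arithmetic already reverts on overflow.
        amount = bound(amount, 0, 1e18 - 1);

        uint256 senderBefore = token.balanceOf(address(this));

        token.mint(address(this), amount);
        token.transfer(address(0x123), amount);

        assertEq(token.balanceOf(address(0x123)), amount);
        // The sender must be debited by exactly what was minted and sent.
        assertEq(token.balanceOf(address(this)), senderBefore);
    }

    /// @notice A caller other than the deployer must not be able to mint.
    /// @dev Written with vm.expectRevert rather than the testFail prefix:
    ///      testFail passes on any failure, including an unrelated one, and
    ///      recent Foundry releases no longer support the prefix.
    function test_RevertWhen_NonOwnerMint() public {
        uint256 recipientBefore = token.balanceOf(address(0x789));

        // NOTE(review): bare expectRevert() accepts any revert. Tighten it to
        // the specific reason string or custom error once the Ownable version
        // used by MyToken is confirmed.
        vm.expectRevert();
        vm.prank(address(0x456));
        token.mint(address(0x789), 1000);

        // The rejected mint must not have changed the recipient's balance.
        assertEq(token.balanceOf(address(0x789)), recipientBefore);
    }
}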


Developer Tips: