Wake
Wake is a Python-based Solidity development and fuzz testing framework with built-in vulnerability detectors for building secure Ethereum dApps.
Install / Use
/learn @Ackee-Blockchain/WakeREADME
Wake
The fuzzing and testing framework for Solidity, written in Python. Wake helps you write safer smart contracts, faster.
Built by Ackee Blockchain Security — trusted auditors of Lido, Safe, and Axelar.
Why Wake?
- Built-in fuzzing — automatically generate diverse inputs and edge cases to uncover hidden vulnerabilities
- Vulnerability detectors — catch reentrancy, overflows, and logic flaws early
- Seamless developer experience — VS Code extension, GitHub Actions, solc manager
- Cross-chain testing — works with Anvil, Hardhat, and Ganache
Features and benefits
- Testing framework based on pytest — write clean, simple tests with familiar tooling
- Manually-guided fuzzing (MGF) — combine automated fuzzing with human insights to target specific contract behaviors and edge cases
- Property-based fuzzer — automatically generate diverse inputs to uncover hidden bugs faster
- Deployments & mainnet interactions — test contracts in realistic environments before going live
- Vulnerability and code quality detectors — detect reentrancy, overflows, and bad patterns early in development
- Printers for extracting useful information from Solidity code — gain insights into contract structures and flows
- Static analysis framework for custom detectors and printers — extend Wake with project-specific rules
- GitHub actions for setting up Wake and running detectors — integrate seamlessly into CI/CD pipelines
- Language server (LSP) — get autocompletion, hints, and references inside your IDE
- VS Code extension (Solidity (Wake)) — instant feedback while writing Solidity code
- Solc version manager — manage compiler versions with ease for consistent builds
Wake vs other tools
| | Slither | ApeWorx | Brownie | Hardhat | Foundry | Wake | | :--- | :---: | :---: | :---: | :---: | :---: | :---: | | Language | Python | Python | Python | Typescript | Rust | Python | | Maintained | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | | Testing | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | | Fuzzing | ❌ | ❌ | ✅* |✅** | ✅ | ✅ | | Detectors | ✅ | ❌ | ❌ | ❌ | ❌ | ✅ | | Language server | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ |
* available with Hypothesis plugin ** only in Solidity
Dependencies
- Python (version 3.8 or higher)
- Rosetta must be enabled on Apple Silicon Macs
Installation
via pip
pip3 install eth-wake
Discovered vulnerabilities
| Vulnerability | Severity | Project | Method | Discovered by | Resources |
|-------------------------------------------------|----------|---------|------------------|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Profit & loss accounted twice | Critical | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Loan refinancing reentrancy | Critical | PWN | Detector | Ackee Blockchain | Report |
| Incorrect optimization in loan refinancing | Critical | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Incorrect enqueued keys accounting | High | Lido | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Console permanent denial of service | High | Brahma | Fuzz test | Ackee Blockchain | Report |
| Swap unwinding formula error | High | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Swap unwinding fee accounted twice | High | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Incorrect event data | High | Solady | Integration test | Ackee Blockchain | Report, Wake tests |
| INTEREST_FROM_STRATEGY_BELOW_ZERO reverts DoS | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Inaccurate hypothetical interest formula | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Swap unwinding fee normalization error | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Liquidation deposits accounted into LP balance | Medium | IPOR | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Missing receive function | Medium | Axelar | Fuzz test | Ackee Blockchain | Wake tests |
| SafeERC20 not used for approve | Medium | Lido | Fuzz test | Ackee Blockchain | Wake tests |
| Non-optimistic vetting & unbonded keys bad accounting | Medium | Lido | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Chainlink common denominator bad logic | Medium | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Outdated/reverting Chainlink feed causes DoS | Medium | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
| Incorrect EIP-712 typehash | Medium | PWN | Detector | Ackee Blockchain | Report |
| Incorrect EIP-712 data encoding | Medium | PWN | Fuzz test | Ackee Blockchain | Report, Wake tests |
Features in-depth
Fuzzer
Wake’s fuzzer builds
Related Skills
gh-issues
341.6kFetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
node-connect
341.6kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
claude-opus-4-5-migration
84.6kMigrate prompts and code from Claude Sonnet 4.0, Sonnet 4.5, or Opus 4.1 to Opus 4.5
frontend-design
84.6kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
