Komet is a new tool from Runtime Verification for property testing and formal verification of Soroban smart contracts on the Stellar blockchain. It supports fuzzing and symbolic execution, integrating seamlessly with Rust for enhanced contract security. The article provides installation steps and a detailed case study testing a simple 'adder' contract.
Runtime Verification introduces Komet, a tool backed by the Stellar Foundation, designed specifically for developers building on Soroban's smart contract platform on Stellar. Komet leverages KWasm and offers fuzzing with randomized inputs and symbolic execution for formal verification, ensuring smart contracts are secure against vulnerabilities common in DeFi applications. Developers write property-based tests in Rust, using familiar Soroban APIs, with seamless integration into the existing workflow. The guide covers installation via the kup package manager and demonstrates usage through a case study on an 'adder' contract, showing how to set up test contracts, define properties with test_ endpoints, compile, and run tests via 'komet test' for fuzzing or 'komet prove run' for proving. This combination provides probabilistic confidence from fuzzing and exhaustive guarantees from symbolic execution, helping uncover edge cases missed by traditional testing.