Fuzzer Execution Stability
All fuzz test suites run without panics or unexpected aborts.
Runtime weight limits are respected under high-frequency fuzzed actions.
No out-of-memory errors or infinite loops triggered during fuzzing.
Edge-Case Handling
NFT metadata and payloads of extreme length or unusual characters are processed or rejected gracefully.
Listings with zero, maximum, or overflow-prone price values are handled safely.
Time-bound fields (like listing duration) validate lower/upper edge boundaries correctly.
State Integrity
Marketplace storage remains consistent across randomized sequences (e.g., no orphaned NFTs or mismatched ownership).
No unauthorized listings or purchases are accepted from unprivileged accounts.
Concurrency & Race Conditions
Simulated concurrent marketplace operations (e.g., simultaneous buy/delist) do not create inconsistent states.
Ensure no duplicate bids, double purchases, or timing-related transaction issues.
Security & Logic Validation
Integer overflow/underflow is fully prevented (including price and balance calculations).
Bids and purchases behave consistently across randomized input sequences.
Any token ID reuse is detected and blocked.
Test Coverage Metrics
All key extrinsics (mint, list, buy, delist, transfer, bid) are fuzzed with randomized inputs.
mint
list
buy
delist
transfer
bid
Hook logic (on_initialize, on_finalize) has been indirectly exercised during fuzz tests.
on_initialize
on_finalize
Logs & Observability
Logs (if enabled during fuzzing) do not reveal sensitive data or spam with redundant outputs.
Any detected failures are reproducible using the failing input snapshot or seed.
Documentation & Code Review
All fuzzer utilities and test functions are documented with purpose and expected outcomes.
Code reviewed by at least one team member not involved in the original fuzz logic implementation.
Last updated 9 months ago