Fuzzer
Find deep bugs in smart contracts through specification-guided fuzzing
OrCa is Veridise’s fuzzer tool for EVM-based smart contracts.
Built with formal methods in mind, OrCa goes beyond traditional fuzzers by using developer-supplied specifications to systematically explore contract behavior and identify violations — before your code ever goes live.
What is OrCa fuzzer?
OrCa is a specification-guided fuzzer for Ethereum smart contracts. Unlike black-box or purely random fuzzers, OrCa uses user-defined temporal properties to drive its fuzzing strategy.
It analyzes your contract’s logic to determine how different inputs could lead to violations of safety properties or undesirable program states. These violations are then reported as concrete counterexamples that help developers pinpoint and resolve real bugs.
Core features
Specificationsupport
Write formal specifications using Veridise’s custom [V] specification language that enables simple and concise expression of temporal properties for smart contracts.
Multi-contractfuzzing
Test not just individual contracts, but complex interactions between multiple contracts (e.g. DeFi protocols or governance systems).
Counterexamplereporting
For every failed specification, OrCa returns a concrete input and execution trace that led to the failure — no guesswork required.
Forge-compatible
OrCa is built to work with the Foundry toolchain, making it easy to integrate into modern Solidity development workflows.
Use cases
Explorecode behavior
OrCa is not only a fuzzer: Use OrCa’s statistics reporting engine to better understand unexpected dynamic behaviors of your smart contract protocol.
Validate invariants and assumptions
Use OrCa to ensure your smart contracts behave correctly under all input combinations.
Automate regression testing
Add new specs as your code evolves and let OrCa check for violations automatically.
Complement formal verification
If you’re writing specs but not ready for full proof-based verification, OrCa offers a scalable and pragmatic alternative.
Use OrCa fuzzer to explore andbetter understand protocol behavior
Use OrCa fuzzer to explore and better understand protocol behavior
Beyond bug discovery, OrCa helps auditors quickly explore and understand a protocol’s behavior. This accelerates the early stages of a security audit by revealing how different components interact, saving auditor’s time and building deeper insight from the start.
Why choose OrCa?
Specification-guided: catches bugs aligned with your actual intent
Built for smart contract developers: easy-to-write specs, Foundry-native
High signal: actionable counterexamples, not noise
Developed and maintained by Veridise — industry-leader in blockchain security
Try OrCa today
OrCa fuzzer is available to Veridise audit clients through our AuditHub platform.
Standalone access will be released in the near future.