Building Testing Strategy for Blockchain Protocols and Dapps

Hey there! If you're diving into the world of modern blockchain systems, I've got a really hands-on guide for you. This one's all about testing, especially with the latest updates like Dencun and the adoption of ERC-4337, alongside the ever-changing testnets. It's a great resource for both startups and bigger enterprises that are after genuine reliability--not just a bunch of empty hype. In this post, we're diving into the protocol changes rolling out in 2024-2025. We’ll simplify everything into easy-to-follow test plans, handy tools, and CI gates that you can start using today. _.

Why your Web3 test strategy must change (2024-2025)

So, on March 13, 2024, the Ethereum Dencun upgrade, which is also known as Cancun/Deneb, officially kicked off. This update introduced blob-carrying transactions, thanks to EIP-4844. Exciting stuff! Oh, and they also rolled out a new blob fee market along with a data availability window that spans about 18 days. This is a total game-changer for how rollups manage data. It really shifts the way you approach testing for data availability and the costs that come with it. If you want to dive deeper into it, check out ethereum.org. There's a lot of great info waiting for you there!

So, with the Dencun update, we’ve got some cool new features in Solidity version 0. One of them is transient storage (that’s EIP‑1153 for those keeping score), and we also got the BLOBBASEFEE opcode, which is part of EIP‑7516. Exciting stuff! 8. 24 and up. These new additions really shake things up, so it’s super important that your tests reflect the updated state and fee-access patterns. You’ll want to make sure to cover them thoroughly! Hey, if you're curious about the latest scoop, swing by soliditylang.org for all the juicy details on the new release!

Hey there! Just a quick heads-up about some changes happening with Ethereum's testnets. So, Holesky is no longer around since it wrapped up support back in September 2025. Now, if you're looking for a solid protocol or staking testnet, Hoodi is your best bet. And don’t forget, if you’re diving into application testing, Sepolia is still the go-to option! Just a quick heads up--make sure your pipelines and faucets are all lined up with this migration! If you're looking for more details, check out the article over at blog.ethereum.org. It's got everything you need to know!

The ERC-4337 account abstraction has really started to shine lately, especially with the introduction of shared mempools, conformance tests, and a bunch of different bundlers. It’s exciting to see how it’s all coming together! So, you'll definitely want to get those deterministic bundler simulations and paymaster tests up and running in your CI process. It's a good move! If you want to learn more, check out bundlers.erc4337.io for all the details!

Hey there! So, there have been some cool updates to the L2 stacks lately. The OP Stack just launched permissionless fault proofs on OP Sepolia, which is pretty exciting. On the flip side, Arbitrum has rolled out its Nitro dev and test nodes, and Base Sepolia is keeping an eye on what’s happening in L1. This includes those new Fusaka-era requirements for blob storage on beacon clients. Quite a bit going on, right? Don’t forget to run your integration tests to check those withdrawal challenge and fault-proof flows, along with making sure everything's working smoothly with node compatibility! If you want to dive deeper into this topic, check out blog.oplabs.co. There’s a lot of great info waiting for you!

So, here’s the deal: your test plan definitely needs to expand its horizons a bit. These days, it’s way more than just running Solidity unit tests. You’ll want to take a look at blob economics, keep an eye on how things behave in a transient state, and explore your testnet options. Don’t forget to check out AA flows too, and really dig into the proof and bridge semantics that are specific to L2. It’s a lot to cover, but it’ll definitely pay off in the long run!

---

A practical test pyramid for blockchain (2025 edition)

Try to focus more on being "risk-driven" rather than just sticking to a "unit-test-only" mindset. “Take a look at this pyramid that really fits with today’s modern trends!”

1. Local Development and Unit Testing.

So, when it comes to local development, it’s all about creating a comfortable space on your own machine where you can try things out without any pressure. It’s like having your little workshop where you can tinker away and make sure everything runs smoothly. And unit testing? That’s just a fancy way of saying you’re checking small sections of your code to ensure they’re working as they should. It’s super helpful to catch any bugs early on before they turn into bigger headaches down the line!

• Go ahead and write your unit tests in Solidity, Rust, or Python while using some fast local nodes! It's a great way to speed things up. Hey, just a quick reminder: make sure to check those gas snapshots and run those reentrancy and authorization checks. It'll save you some headaches later! We make sure to run static analyzers and property annotations with every commit. This way, we can spot any issues right away. Here are some of the tools we like to use: Foundry (which includes forge and anvil), Hardhat, Slither, Scribble, and for some testing, we turn to cargo test for CosmWasm and solana-program-test. Take a look at this: (getfoundry.sh). You might find it interesting!

Property-based and Invariant Testing

We're really getting into the nitty-gritty of state and sequence-level properties, especially when we’re using fuzzing and symbolic engines. It's an exciting area to explore! Tools to check out:

• Checking out foundry invariants, doing some fuzzing, and exploring cheat codes.
• Echidna
• Halmos for symbolic testing, right?

If you're looking for more information, check it out here. You might find exactly what you need!

3) Protocol and Integration Tests

• We're diving into testing to make sure everything is in line with ERC-4337 standards. We’ll also be checking out how the paymaster features work and seeing how it all interacts in the mempool. I'm diving into the rollup bridge, taking a good look at how those withdrawal processes work, and checking out the proof flows too.
• Testing across different contracts and modules with CosmWasm’s cw-multi-test. Feel free to check out all the details here.

4) Environment / Chaos and Performance Tests

• We're going to explore shadow forks, which are basically Virtual TestNets that replicate the real production environment. This basically involves playing around with blob fee spikes, simulating some downtime for the sequencer, and figuring out how to deal with rate limits and RPC failovers. Tools: If you haven't already, take a look at Tenderly Virtual TestNets! They're quickly becoming the favorite since Forks are no longer a thing. Also, don’t forget about the Arbitrum Nitro dev/test nodes and OP Sepolia for all your proof needs. Happy testing! If you’re looking for more details, just head over to tenderly.co. It’s a great resource!

---

Choose environments that match 2025 reality

• Sepolia + Hoodi: If you’re diving into the world of dapps and applications, Sepolia is definitely your best bet for testing. On the other hand, if you’re focusing on validator and protocol testing, Hoodi is the place to be! Hey there! If you've got any Holesky jobs still lingering, it's a good idea to wrap them up now. Just a heads up, Holesky support officially ended on September 30, 2025.
  (ethereum.org).
• OP Sepolia: This is the go-to testnet for the OP Stack, and it’s fully loaded with all the cool features, including complete fault proofs. It's a great way to test out your withdrawal processes and make sure everything runs smoothly before you go live on the mainnet. (blog.oplabs.co).
• Arbitrum Nitro dev/test nodes: You have the option to either create a single-node development chain or really dive in with a complete local L1/L2 simulation using the nitro-testnode. It's a great way to experiment and see how things work! It’s got built-in keys and RPC endpoints, which really makes continuous integration super easy! (docs.arbitrum.io).
• Base Sepolia: Just a heads up--make sure you're syncing your node releases with the L1 testnet updates. It’s super important to keep everything in line! Just a heads up, some versions will require beacon clients to manage blob data--like that supernode flag--after the Fusaka update on Sepolia. Make sure to keep that in mind when you're running your integration tests! (github.com).
• ZKsync: You can use the anvil-zksync along with the Hardhat or Foundry plugins to conduct local tests and create forks with EraVM. Hey, just keep an eye on ZKsync's reserved address ranges while you're doing those fuzz tests, okay? It's something to watch out for! (docs.zksync.io).
• Tenderly Virtual TestNets: If you're diving into some long, multi-chain staging sessions, you're in luck! You’ve got access to unlimited faucets and can play around with state manipulation as much as you want. Enjoy! Just a heads-up: try to use custom chain IDs, like starting with 73571. That way, you can avoid any replay problems down the line. (tenderly.co).

---

Tooling that actually catches modern bug classes

• Foundry: If you're looking to run some fast unit and invariant tests, or maybe want to try out fuzzing, this is the place to be. It’s also great for taking gas snapshots and forking from the mainnet or L2 using Anvil. You’ll definitely find it super handy! You can totally use cheat codes like vm.prank, vm.assume, vm.roll, and a bunch of others to simulate things like reentrancy, time, and roles in a way that makes sense. It's a handy way to keep everything predictable! Check it out here.
• Slither: When it comes to static analysis, Slither is your best buddy. It offers a bunch of detectors and custom rules, plus some handy upgrade helpers that fit right into your CI process without a hitch. For more info, check it out on GitHub!
• Scribble: This handy tool lets you whip up inline specifications and also checks things in real-time. Pretty cool, right? When you team it up with fuzzers, you can actually convert those specs into checks that will run right in your code. If you want to dive deeper into it, just check it out here.
• Echidna: If you're into property fuzzing and love working with invariants, then Echidna is definitely the tool for you! It's like having a reliable buddy in your testing journey. What's really cool is that it works seamlessly with Slither, letting you do some pre-analysis before you really jump in. You can check it out over on GitHub right here.
• Halmos: So, this tool is all about symbolic testing, and it's actually built on top of the Foundry tests we already have. It's super useful when it comes to handling stateful invariants and digging deeper into paths, not just relying on random fuzzing. Feeling curious? Take a look at this link! You might find something interesting!
• Certora Prover: If you’re looking to formally verify those key components, Certora Prover is definitely the tool you want to check out. It comes with CVL specs, an open-source Prover, and some really handy CI automation. Hey, just a quick reminder to run those vacuity and spec sanity checks so we don’t end up feeling overly confident for no reason. It’s always good to double-check! Want to dive deeper? Check out the documentation here for all the details!

---

Concrete test plans, by component

1) Smart contracts on EVM (post‑Dencun)

What to Test Beyond Typical Unit Tests

• Blob-aware logic: If your protocol or oracle is factoring in L2 blob costs, double-check that you're accurately reading the BLOBBASEFEE (EIP‑7516). It’s super important to get that right! Hey, just a quick reminder to make sure you include tests for when blob capacity is getting a bit tight, those crazy price spikes, and what happens when we hit zero-blob blocks. It's important to cover all those scenarios! Take a look at this link: (eips.ethereum.org). You won’t want to miss it!
• Using Transient Storage: When you're diving into your code, don't forget to check those reentrancy guards! It's super important to handle state that's specific to each transaction. You can do this by using TLOAD and TSTORE with inline assembly in Solidity 0. Just keep it in mind while you're coding!

8. 24 and later. Alright, let’s talk about situations where things might not go as planned--and how to handle those hiccups, especially when you’ve got nested call frames involved.

Imagine you’re working on a project and you’re super excited about the progress. You’ve got this great function set up, and then out of nowhere, something goes wrong. Maybe the data you’re trying to process isn't what you expected, or there’s an error coming from a deep nested call frame that you didn’t even see coming. Frustrating, right?

When things revert or go haywire, it’s crucial to take a step back. First, check through your nested call frames. These are like the layers of an onion; each layer can potentially hide errors or bugs that can cause everything to crash. So, don’t skip over them! Dive deep, trace back your steps, and see where the initial issue started.

Once you locate the problem, whether it’s in the main function or a hidden layer, you can fix it. Sometimes it might just mean tweaking a line of code or handling an edge case you didn’t consider. The goal is to make sure you can confidently push forward without fear of those pesky reverts popping up again.

So, remember to stay calm, take your time to explore those nested frames, and don’t hesitate to ask for help if you need it. We’ve all been there, and it’s all part of the learning process! If you're looking for more info, just check this out: (soliditylang.org). You'll find all the details you need!

• Changes to SELFDESTRUCT Behavior and MCOPY Efficiency: After the updates to the Cancun EVM semantics, it’s really important to double-check that your old assumptions are still valid. You wouldn’t want to run into any surprises! If you're curious to dive deeper into this topic, check it out here: soliditylang.org. It's got all the details you need!

Foundry Example (Transient Storage Guard):

Alright, let’s jump into how to set up a Transient Storage Guard in Foundry! This guard really helps keep our temporary storage organized and running smoothly. Let’s walk through how you can get this set up:

Setup

First things first, you’ll want to figure out what your guard looks like. Let me share a quick example with you:

pragma solidity ^0.8.0;

contract TransientStorageGuard {
    mapping(address => bool) private _temporaryStorageAccess;

    modifier onlyTempStorage() {
        require(_temporaryStorageAccess[msg.sender], "Not authorized for transient storage");
        _;
    }

    function grantTempStorageAccess(address user) external {
        _temporaryStorageAccess[user] = true;
    }

    function revokeTempStorageAccess(address user) external {
        _temporaryStorageAccess[user] = false;
    }

    // Your transient storage logic goes here
}

Explanation

1. Guard Setup: So, the contract sets up a mapping to keep tabs on which addresses are allowed temporary access to the storage.

2. Modifiers: So, the onlyTempStorage modifier is here to make sure that just the folks who are authorized can mess around with the transient storage functions.

3. Access Management: With grantTempStorageAccess and revokeTempStorageAccess, you can effortlessly control who has access and who doesn't. It's a breeze to keep everything secure!

Benefits of Using a Transient Storage Guard

• Security: This method makes sure that only trusted users can get their hands on sensitive data, but only for a short time.
• Flexibility: It's super easy to give or take away access whenever you need to.
• Simplicity: It’s super easy to set up--just a handful of functions, and you’re good to go!

Conclusion

Using a Transient Storage Guard in Foundry can really boost your contract’s security. It’s a smart move to keep things safe! If you manage access wisely, you can keep your data safe while still giving yourself the flexibility you need. If you want to dive deeper, go ahead and take a look at the Foundry documentation. It’s got all the info you need!

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

contract ReentrancyTS {
    // lock in transient storage at key 0x0
    function _lock() internal {
        assembly { tstore(0x0, 1) }
    }
    function _unlock() internal {
        assembly { tstore(0x0, 0) }
    }
    modifier noReenter() {
        assembly {
            if eq(tload(0x0), 1) { revert(0,0) }
        }
        _lock();
        _;
        _unlock();
    }
}

When you're doing invariant tests, just keep an eye out to ensure that no outside function can see lock=1 when the function is wrapping up. It's a small detail, but super important! This covers those intricate call chains and pathways where reverts come into play. To tackle this, you might want to check out the Foundry invariant runner and team it up with Halmos for a bit of symbolic exploration. It’s a solid combo!

2) ERC‑4337 account abstraction

Alright, let's get those bundler conformance tests rolling for version 0! 8) Using the bundler you picked. Hey, just a quick reminder to pin the EntryPoint version and address when you're running your tests. Also, make sure to simulate those simulateValidation paths and check out those full handleOps bundles. It'll save you some headaches down the road! Feel free to take a peek at it here. Alright, let’s dive into this and see how our paymasters handle the pressure! We need to really dig into those tricky edge cases--like what happens with ERC-20 transfer failures, those nail-biting allowance races, and those times when UserOp gas predictions go a bit sideways. Oh, and don’t forget about the 10% penalty rules from EntryPoint v0--those are super important to keep in mind! 7). Find details here.

• Alright, let’s mix things up a bit! Toss in a single bad UserOp into a bundle and let’s see if the bundler decides to reject it. Hey, just a heads-up! Make sure to double-check those shared mempool constraints--like those ERC-7562-style rules--using some spec tests. It’s always good to be thorough! If you want to dive deeper into the details, just check this link out here. You’ll find a ton of helpful info!

3) L2 rollups, blobs, bridges, and proofs

Hey there! If you're diving into Arbitrum, you can easily set up a local Nitro development node to test out your apps. Plus, if you want to really dig into things, the nitro-testnode is great for running detailed L1/L2 messaging tests. Happy coding! This means looking into the retryables and the delayed inbox. Just double-check that everything's running smoothly, especially during any downtime with the sequencer. (docs.arbitrum.io).

• OP Stack: Get ready to jump into testing withdrawals and fault-proof disputes on OP Sepolia! This is an awesome chance to check for latency issues and explore potential hiccups before we go live on the mainnet. Don’t miss out on the opportunity to help us make it even better! (blog.oplabs.co).
• Base Sepolia: Just a quick reminder to adjust your tests for the L1 testnet upgrades! You’ll want to make sure you update the beacon client blob storage configuration, so everything runs smoothly. This will help you steer clear of any false-positive errors when you're reading blobs. (github.com).
• Blob fee dynamics: Let's create some regression tests to make sure that our total cost calculations are switching smoothly from calldata to blobs whenever they're available. We also need to ensure that they switch back during those times of congestion. It’s all about keeping things running seamlessly! Don't forget to keep track of the blob retention--it’s about 4096 epochs, which is roughly 18 days. Make sure you check in on that through your data availability monitors! (ethereum.org).

4) Upgradeability and governance

If you want to keep your storage layout in check during CI, definitely consider using OpenZeppelin Upgrades with Hardhat or Foundry plugins. They're super helpful for maintaining compatibility. Don't forget to keep a manifest in your version control system (VCS)! It's super helpful. Also, give UUPS, transparent, and beacon flows a try. They can really make a difference! Hey, just a quick reminder to set up that “break-glass” option with a timelock and Safe. It’s super important! Feel free to dive into the details over here!

If you're diving into zk/Era chains, make sure to grab those zk-aware upgrade plugins. They'll make your life a whole lot easier! Don't forget to run tests on those proxy patterns with the specific compilers and manifests they belong to. It's super important to ensure everything works seamlessly! If you want to dive deeper into the details, you can check it out here. Happy exploring!

5) ZK circuits and zkVM integrations

• Circom circuits: First things first, dive into unit testing with circom_tester. It's super important to check that your witness is on point.
  Once you're done with that, the next step is to whip up some proofs using snarkjs. Hey, just a quick reminder to run some negative tests to pick up on any messed up witnesses. It's super important! Hey, if you're interested, you can find all the info here.
• ZKsync Era: When it comes to testing things out locally, you can use anvil-zksync. And for compiling, just grab hardhat-zksync-solc. It's pretty straightforward! Hey, just a quick heads up! Make sure your fuzzers avoid those reserved address ranges. You don’t want to run into any issues there! Oh, and when you're working with forks like era_test_node, just make sure they're actually addressing real liquidity paths--like those Uniswap swaps. It’s super important to keep that in mind! If you're looking for more details, you can check it out here. It’s a great resource for all things related!
• Stay updated on zkVM testing research: There’s some really exciting stuff going on with soundness and completeness testing! If any fixes pop up from the tools, it's a good idea to integrate them when you can. If you want to dive deeper into this topic, check it out here. It's a great resource!

6) Cosmos SDK and CosmWasm

Hey, why not give the Cosmos SDK simulator, also known as SimApp, a shot? It's a great tool for running some fuzz testing on your modules. You might find it really useful! Feel free to mix in some random messages and parameters to check for any potential issues before you actually launch on the mainnet. It’s a good way to catch anything that might cause a hiccup! This tool is super useful! If you want to explore it further, you can check it out here.

If you’re diving into CosmWasm contracts, definitely check out cw-multi-test. It’s worth your time! This tool is pretty cool because it lets you test out how different contracts interact with each other without needing to deal with the complexities of running full nodes. You can easily simulate messages, replies, and IBC hooks, making unit testing a breeze! Isn't that cool? If you want to dive deeper and get more details, just click here.

7) Solana programs

Hey there! To get started with your SBF programs, you'll want to use solana-program-test. This cool tool helps you set up an in-process bank, and you can easily test everything out using the BanksClient. Enjoy experimenting! This allows you to really get into the nitty-gritty of compute budgets and priority fee trends, all while ensuring your crates are perfectly in sync with the newest Agave/Solana SDK updates. Take a look at the details right here: (docs.rs). You might find some useful info!

---

CI/CD blueprint with modern gates

Recommended Pipeline (GitHub Actions Outline):

Here's a quick guide to help you get your GitHub Actions pipeline up and running! This can really help simplify your workflow and make sure everything runs like a well-oiled machine.

Steps to Set Up Your Pipeline:

1. Create Your Workflow File:. First things first, let's create a . Hey there! So, you're working with a .ymlfile, huh? That's cool! YML, or YAML, is super handy when it comes to organizing data in a way that's easy to read and write. If you need any tips or help with it, feel free to ask! Check out thegithub/workflows` folder in your repo.

1. Define Your Workflow:
   So, first things first, go ahead and name your workflow--get creative! Once you've got a catchy name sorted, you can set it up to kick off whenever certain things happen, like when you push changes or when someone submits a pull request. It's a pretty cool way to automate your process! Here's a quick example:.

   name: CI Pipeline
   on: 
     push:
       branches:
         - main
     pull_request:
       branches:
         - main

2. Set Up Jobs:
   Let’s go ahead and set up the tasks that will be running in your workflow. Every job gets its own virtual space to operate in. Setting up a job can be pretty straightforward if you know what to do. Here’s an easy step-by-step guide to help you get started:

   jobs:
     build:
       runs-on: ubuntu-latest
       steps:
         - name: Check out code
           uses: actions/checkout@v2
   
         - name: Set up Node.js
           uses: actions/setup-node@v2
           with:
             node-version: '14'
   
         - name: Install dependencies
           run: npm install

Feel Free to Add More Steps If You Need To: Don’t forget to add some extra steps! After writing your code, it’s a good idea to run some tests to make sure everything’s working as it should. You might also want to lint your code; it helps catch any little mistakes or inconsistencies before you go live. Once you're all set, make sure to deploy your application. It’s the final step to share your hard work with the world! For example:.

      - name: Run tests
        run: npm test

1. Deploy Phase (optional):
   So, if you’re ready to launch your app, just throw in a deployment job at the end of your workflow. It’s a simple way to wrap things up! Here's a little taste to help you get the picture:

     deploy:
       runs-on: ubuntu-latest
       needs: build
       steps:
         - name: Deploy to Server
           run: echo "Deploying to server..."

Important Notes:

• Just double-check that you've got the right permissions for whatever actions you're about to take.
• When it comes to handling sensitive stuff like API keys, make sure you stash them away in your GitHub repository settings as secrets.

Useful Links:

• GitHub Actions Documentation
• GitHub Actions Marketplace

Don’t hesitate to customize this pipeline to suit your project! Make it work for you!

• Static and Build Gates.
• Slither (not so great on high/medium).
• Go ahead and use Solidity version 0.

8. Hey there! So, if you’re working with the evm-version=cancun, just make sure you're using version 27 or higher. Once that's set, go ahead and run typechain/ABIs.

• Make sure to double-check the OpenZeppelin upgrades and take a look at the storage layout while you're at it. You’ve got a couple of handy tools at your disposal: Slither and OpenZeppelin Upgrades Core. These can really help you out! (github.com).
• Unit and Property Tests. If you want to get those gas snapshots, just run forge test -vvv. And whenever you need to, feel free to use hardhat test. It's pretty straightforward! If you want to work with scriptable fixtures, just use forge test --ffi. And don’t forget to adjust the depth and runs to match those foundry invariants! Hey, just a quick reminder! Make sure to run Echidna for those important invariants. And don’t forget, Halmos should be scheduled to run on the chosen targets every night. Thanks! Here are some of the tools you might want to check out: Foundry, Hardhat, Echidna, and Halmos. (learnblockchain.cn).
• Integration Tests
• Go ahead and use anvil with the --fork option (for L1 or L2) while running your playwright and backend tests. If you’re diving into cross-layer tests, definitely check out Arbitrum’s nitro-devnode or nitro-testnode. They’re your best bet! Hey, make sure to take a look at the OP Sepolia tests--they’ve got info on withdrawals and fault proofs that you might find handy! Tools: So, we’re working with Anvil, along with the Nitro dev/test nodes and the OP Sepolia. (getfoundry.sh).
• Using real production data for staging.
• Go ahead and set up Tenderly Virtual TestNets for every PR you’re working on. You'll snag some unique chain IDs and have access to unlimited faucets too! This way, you can smoothly run through your entire processes and easily share your explorers for QA approval. Feel free to take a look at the details right over here!
• Checking things thoroughly to make sure they're safe and reliable, especially when it really matters. So, I've been using Certora Prover to dive into CVL specs and check out some important invariants. You know, things like making sure there’s no burning without minting, keeping an eye on debt ratio limits, and making sure role gating is on point. It's pretty interesting stuff! Take a look at this: (docs.certora.com). You’ll find some really useful info there!
• AA conformance
  Give the ERC‑4337 bundler specs a whirl with your chosen bundler and try out those tricky UserOperation failure scenarios. Take a look at this: github.com. You might find it interesting!

---

Non‑functional tests you should not skip

• Gas/Cost Regression: Don’t forget to take a look at the highest gas usage for the top 20 user paths! It's important to keep an eye on those. Don't forget to dive into how the costs shift between blob and calldata. It’s also a good idea to run some budget tests to spot any sudden spikes in BLOBBASEFEE. Just keep an eye on those numbers! If you want to dive deeper, you can check out more info here.
• Data availability: Make sure that your watchers can access blob data during that 18-day period. Also, double-check that your L2 exit proofs aren’t relying on any pruned data. If you want to dive deeper into this topic, check out more details here. There's plenty of good stuff waiting for you!
• Chaos and failover:
  Hey, can you take the L2 sequencer offline for a bit? Just for a few minutes would be great. Once that’s done, let's go ahead and replay the backlog. Thanks! Don’t forget to look out for idempotency and make sure that any messages users see are easy to understand!
• Let’s kick off an RPC rate-limit simulation to make sure that the exponential backoff is doing its job and that the provider failover is all set up.
• Upgrade rehearsals: Let’s do some practice runs for the upgrades on the Virtual TestNet, and don’t forget to incorporate the Safe and timelock processes! Don’t forget to check out the storage layout and role transfers with OpenZeppelin plugins! It’s a good idea to validate those to ensure everything's running smoothly. If you're looking for more tips and info, definitely take a look at this link. It’s super helpful!

---

Worked examples

1) Testing a blob‑aware rollup costing module

• Unit: First off, you'll want to compute the cost using block.blobbasefee. But here's the thing--when there are no blobs available, switch things up to use calldata pricing instead. Don’t forget to test out both situations to ensure everything works smoothly!
• Integration: When you're in a forked environment, go ahead and push the blob base fee to its limits. It's important to check those fee boundaries and keep an eye out for any events that pop up. If you want to dive deeper into the details, you can take a look here. Enjoy exploring!

2) ERC‑4337 Paymaster

• Property: First, go ahead and set up a rule in Scribble that says, “only sponsor gas when policy X is in place.” After that, you’ll want to run some fuzz testing with Echidna to sniff out any potential violations. Happy coding! Check it out here.
• Integration: It’s a good idea to send a mix of bundles--some valid UserOps and some invalid ones--to a local bundler.
  Don't forget to double-check that those bundles are accepted, and take a look at the refund options and replay protections, too! Just a little reminder to cover all your bases! If you want to dive deeper, you can check out more info here.

3) Arbitrum Cross-Layer Message

• Local Nitro Testnode: With this, you can shoot a message from layer 2 to layer 1, create a little delay for fun, and then wrap things up by finalizing it. Just a quick reminder to keep an eye on those retryables and gas estimates. It's important that they stay consistent, even after any restarts. Thanks! (docs.arbitrum.io).

4) CosmWasm DEX Module

• cw-multi-test: With this handy tool, you can easily manage multi-contract swaps, deal with routing fees, and even simulate those IBC callbacks. It's pretty useful! Also, it can mix up random trade sequences to see if there’s any consistent “no free value creation” happening. If you want to dive deeper into it, just check it out here. Enjoy exploring!

---

“Go‑live” acceptance criteria we recommend

We've got all the critical paths locked down with our unit tests, and on top of that, Slither didn’t find any high-severity issues--so we're in great shape! And hey, our gas budgets are exactly where they need to be! (github.com). Hey there! Just wanted to share some cool news--our invariant and property suites are doing their thing every night, and they've already clocked over 100,000 executions across Foundry invariants, Echidna, and Halmos. Pretty awesome, right? The best part? We haven't found any unresolved counterexamples, which is definitely worth celebrating! (github.com). So, we've gone ahead and practiced the upgrades from beginning to end on our trusty Virtual TestNet. It’s been a bit of a journey, but we've nailed down the governance processes, and we've got all the tweaks to the storage layouts approved. Everything's looking good! (tenderly.co). So, when it comes to ERC-4337 flows, we’re all set! Our bundler conformance tests are passing without a hitch, the paymaster limits are being enforced, and we’ve also got replay and simulation checks in the mix. Everything’s running smoothly! (github.com).

• When it comes to the L2 bridges and proofs, we’re in a good place! Our OP Sepolia and Nitro local tests are all passing with flying colors. Plus, we’ve set up blob-window DA monitors to keep us in the loop with any alerts. (blog.oplabs.co).

---

Emerging best practices we see working

We're thinking about going with the Hoodi/Sepolia alignment and phasing out the Holesky jobs. Let’s put together a solid matrix that lays out where everything is running. We need to clearly see which dapps are operating on Sepolia and which validators are on Hoodi. That way, it’ll be super easy to keep track of everything! (blog.ethereum.org). Hey, have you checked out Tenderly's Virtual TestNets? They’re super handy for setting up state-synced staging environments for every pull request you make. Plus, we can use replay-safe chain IDs, which is a nice bonus! Also, we’re planning to use GitHub Actions to fire these up and shut them down, which is awesome for running test suites in parallel. It’s going to make everything run so much smoother! (docs.tenderly.co). Let's make sure we're really deliberate about the features in EIP-1153. We'll only go with transient storage if we can confidently establish some solid rules and have tests in place for nested calls and reverts. Let's make sure we avoid any tricky reentrancy pitfalls. (eips.ethereum.org). For ZK, let’s try to keep our circuits compact and definitely make sure we’re running unit tests on them! Hey, just a quick reminder to make sure we include tests for those pesky malicious witnesses! Also, when we're diving into EraVM, it’s super important to stick to those address constraints while we’re fuzz testing. It really helps us avoid any false failures down the line. Let’s keep everything running smoothly! (docs.circom.io). So, when it comes to AA, we really need to lock down the EntryPoint versions and the bundler RPCs. Plus, let’s make sure to run those official spec tests pretty regularly. It’ll keep everything running smoothly! That way, we’ll be able to stay on top of any sudden changes that pop up in the mempool or RPCs. (github.com).

---

The 7Block Labs checklist (cut and ship)

• Networks: For our app testing, we're currently using Sepolia, and when it comes to validators and protocols, we’ve got Hoodi in the mix. Also, we’ve got the OP Sepolia and Nitro test nodes all ready to go! If you want to dive deeper, head over to ethereum.org for more info!
• Dencun Readiness: We're currently running some tests on BLOBBASEFEE and checking out transient storage. We're also diving into the differences between calldata and blob fee fallbacks to see how they stack up. For more info, check out eips.ethereum.org. There’s a lot of cool stuff there!
• Tooling: We’ve got some pretty awesome tools in our lineup: Foundry, Anvil, Slither, Scribble, Echidna, Halmos, and Certora. They’re all up and running in our Continuous Integration (CI) setup, making our workflow smoother and more efficient! Check out the details over at getfoundry.sh. You'll find all the specifics you need there!
• AA: Everything's looking great with the bundler spec tests - they're all passing smoothly! We’ve got the paymaster policies in place, and on top of that, we're running some cool simulation-based prechecks. Check out what we've been working on over on GitHub. We'd love for you to take a look!
• L2: We've been busy testing withdrawals and making sure everything's running smoothly on OP Sepolia. We're also doing some cross-layer tests on Nitro right from our local setup, and keeping an eye on blob DA over an 18-day window. If you want to dive deeper into it, check out this link: blog.oplabs.co. Happy reading!
• Upgrades: I went through the OZ storage layout to make sure everything's set; we ran some practice upgrades on the Virtual TestNets and double-checked that the governance execution is all good to go. If you're looking for more details on this topic, you can check out docs.openzeppelin.com. They’ve got a ton of helpful information!

---

Final word

The protocols and dapps that are really making waves today are the ones that can adapt to whatever tomorrow throws at us. We're talking about things like blob fee shifts, AA mempools, proof systems, and the constant evolution of testnets. It’s all about staying ahead of the game! If you need some help turning that plan into a kickass CI system that minimizes risk, 7Block Labs has got your back. We’ll set up the environments, figure out the properties, and link the gates. That way, when mainnet day comes around, you can just kick back and enjoy a smooth green build!