Cryptocurrencies and their underlying blockchain based technology have created a buzz over the past few years. In this article, we take a look at how we can test blockchain based applications.
A blockchain is a decentralised, tamper-proof database that has been called the trust protocol of the Internet. It helps in settling transactions between multiple anonymous entities over the Internet without going through a centralised service. The transactions in a blockchain are settled in a decentralised manner using a consensus mechanism, which is unique to the network, without the interference of any central authority. This ensures that the transactions are securely only under the user’s control, throughout the entire process. Moreover, this enables individuals or enterprises to leverage the power of the blockchain to manage and access their information, and ensures trust on the network. Bitcoin is the current market leader and the largest blockchain network, followed by Ethereum, Ripple, Bitcoin Cash, Litecoin, etc. The list is huge and is growing on a constant basis.
Typical blockchain usage and applications
Here are some major enterprise applications of the blockchain:
- In the financial services sector as a replacement for fiat currencies, for payment processing, to build a transparent system for borrowing and lending
- In the manufacturing sector for supply chain management and legal contracts
- In the energies and utilities sector for energy transactions between sellers and borrowers, and for payment processing
- In the real estate management sector for property transactions and legal agreements
Figure 1 depicts the general architecture of blockchain based systems and applications.
Validations that are required for blockchain applications
Blockchain adoption comes with its inherent challenges – high initial investments, integration problems with legacy systems, privacy and security issues, and apprehensions around the adoption process. Hence, testing blockchain apps becomes business-critical.
There are multiple platform vendors who offer consultation services for blockchain implementation. You need to understand and decide what really suits your business needs and syncs well with your objectives.
Given below are the types of validations that can be used to ensure a high level of test coverage and quality for blockchain applications:
- Unit testing
- Integration testing
- User interface testing
- Performance testing
- API testing
- Functional testing
- CI/CD for blockchain
- Compliance and security testing
Areas of testing required for blockchain applications
The core area of testing for blockchain applications is the external interface to the chain, and this is done through API level testing. Then there is chain level testing for fault tolerance, node level testing such as smart contract testing, and the testing of overall non-functional aspects. Let us look at how we can fulfil each of these requirements.
API testing for blockchain applications
In blockchain applications, the application programming interface (API) plays a major role in defining the whole transaction process, the issue and receipt of payment transactions for virtual currencies, and the corresponding data management.
External applications access a blockchain network using its exposed API interface. Smart contracts are invoked by the external applications using these API interfaces. Hence, it’s important to validate this interface to ensure seamless integration.
Peer/node and fault-tolerant testing
Since the blockchain involves a peer-to-peer architecture, it is extremely important to validate the encrypted and decrypted data transmission process to ensure it is working flawlessly so that no data is lost.
One of the main goals of peer-to-peer node testing is to ensure the consistency of transactions that are stored in a proper sequence across all the nodes. This means consistency checks should be carried out to maintain all nodes under normal conditions as well as in various scenarios in which the nodes fail concurrently. Typical areas of testing involve consistency checks with the database, synchronisation of blocks, node restarts, node rejoining, network failure, etc. The ultimate goal of this testing is to ensure consensus is achieved across all nodes in the order in which transactions take place. Consistency and sequences are the key parts of testing.
A smart contract is a set of rules in the form of programmable constructs. These rules are capable of automatically enforcing themselves when predefined conditions are met. Testing smart contracts is extremely critical as once the contract is deployed, it can never be changed. Testing smart contracts involves the following:
- Simulation of all possible expected and unexpected scenarios and conditions of each and every contract
- API testing with all boundary and conditional statements for individual contracts, and also integration testing
- Validation of the encryption for the distributed ledger
- Testing of all possible scenarios that could result from applying different business logic
- Testing the triggers and execution of transactions
- Real-time auditing of transactions
More importantly, as all the above testing happens dynamically in a large number of nodes, it can be done only through automated testing.
There are many tools that enable automation testing in various blockchain platforms. A few of them are listed below.
1) The most important tools that perform automation testing for the applications built on the Ethereum platform are Ethereum Tester, Truffle, Test RPC, Populus and Manticore.
2) Hyper Ledger Composer can be used for testing HyperLedger. It can be integrated with the Mocha/Chai test framework.
3) Corda provides a lot of inbuilt capabilities that can be used to build automation tests for applications based on this platform.
Testing for performance, compliance and security are the main non-functional aspects that need to be covered for blockchains and their applications.
Performance validation: Due to high throughput and performance requirements, blockchain data is stored in key-value pairs in the database using hashing algorithms. The blockchain network needs to be tested for performance and latency, which would vary, based on:
- The size of the network
- The size of the block
- The expected size of transactions
- The consensus protocol used
In general, transactions per second, transaction latency and resource utilisation are the parameters to be examined for performance.
It is also extremely important to measure if the integrity of the network and the shared ledger is maintained while testing the throughput. There are no concrete complete tools available in the market, but HyperLedger Caliper and Jmeter can be used for performance tests to benchmark and conduct API tests, respectively.
Security validation: Vulnerability assessment should be done for all the nodes in the networks, be it a private or public blockchain network. Testing for the security on the network, and validating the privacy of the data in the distributed ledger should be ensured. Password strength, hardening of private keys, and private key storage implementation should be reviewed and tested.
There are a few challenges in blockchain testing, though.
- Testing blockchain applications requires multiple skills, including automation skills in all languages, understanding mid- and low-level integration, API and UI level testing skills, etc.
- Setting up the environment for the blockchain testing itself is a challenge.
- Getting the test and test automation right the first time is a real challenge, as updation and rollback on the contracts is almost impossible. This is a huge challenge for the quality assurance team.
- Scenarios like tampering with the blocks as well as the size of the blocks pose a challenge.