Notes on testing a Bockchain application

Testing a Blockchain application is actually fundamentally different as testing a custom software solutions. The problem is that the domain of a usual Blockchain solution is usually in a domain that requires high privacy and security. Theoretically, the Blockchain technology itself provides a certain level of privacy and security, despite there have been already a lot of hacking both for the Bitcoin protocol and for systems like Ethereum as well (for instance the DAO). Consequently, testing a Blockchain application requires much more competence in the direction of system hacking or cryptography than traditional testing methodologies. Instead of classical tests, perhaps a better way to set up an explicate set of advisories as possible attacks and show that the system is immune for these attacks. Another point to consider, if it is possible to test a Blockhain platform itself from an application that is built on top. 

    

One way in this direction to formulate the problem from a quality management point of view and give an explicit set of rules that should be kept at the implementation in order the system to be secure. Example for such an initiative is the CryptoCurrency Security Standard (CCSS) for defining implementation rules for Bitcoin applications. 

Another way might be the direction of mathematical proofs if the program works as expected. One initiation is the formal verification from solidity.

Testing versus Monitoring ? - any difference with managed cloud services ?

"Software testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test" 

 Wikipedia

"Website monitoring is the process of testing and verifying that end-users can interact with a website or web application as expected." 

 Wikipedia

Software testing means checking the requirements during a software is being developed and monitoring means rather in the checking if a ready developed software still working. As the two activities usually mean two totally different things,they seem to be pretty similar if we consider cloud service integration. As we use practically ready to go building blocks, checks that we use to identify if we developed a correct software can be used to monitor if the ready application still working. In this sense, the two process should not be two separate things, but actually one common platform to guarantee the software quality both at development and at operating the application as well.

An idea for such a common platform might be the following:

Let CTEST = {C1, C2, ... CN} a number of checks that is being used during software testng. 

Let CMON = {CI, CI+1, ... CM} ⊂ CTEST a subset of checks that are being used in the future as well for monitoring purpose.

Certainly the major question is how we can define checks and a common framework that can be used both at testing and at monitoring.