Testing blockchain and your mobile app
(Editor’s Note: ArcTouch QA team members Cindy Francês and Cláudio Pedroso co-authored this post. They’re blockchain enthusiasts and wrote this piece based on a recent talk they gave at The Developer’s Conference in Florianópolis, Brazil.)
From cryptocurrencies to our food supply, the use of blockchain has far-reaching implications — the idea of a virtually unhackable decentralized database is taking the business world by storm. But what does it all mean for a QA professional asked to test and validate the functionality in a mobile app that relies on a blockchain for decentralized storage? How is QA testing different than for a mobile app with a more traditional (and centralized) back end?
First of all, you need to understand what blockchain is and the use cases your blockchain-based application is addressing. If you’re just learning about blockchain for the first time, you might check out the recent interview with ArcTouch CEO Eric Shapiro where he explains why blockchain is poised to disrupt business — and how mobile technology will be an enabler for blockchain.
Eric’s description of blockchain is a great start: ”Think of blockchain as the world’s simplest database. It’s just a list of information, and that list is shared equally with all the users of the list. Everyone can look at and verify the list. But instead of living on a computer or in a cloud server, it’s accessible everywhere, by everyone, and it’s uncensorable. No one can hide something that happened — or change the historical sequence of events.”
Of course, one post alone won’t be enough to make you a blockchain expert. But for the purposes of this post, we’re going to assume you have a working knowledge of blockchain and are just starting to think about testing a blockchain app for the first time.
Blockchain testing assumptions
Before starting to test your blockchain-based app, you need to make some assumptions:
- Assume malignant actors. Blockchain relies upon often unrelated users that ultimately verify information as it’s added to a blockchain. As you build your test plan, you need to assume that users will challenge your contract once it’s deployed in an attempt to exploit your blockchain app.
- Your smart contract code will be transparent. While the information stored on a blockchain can be encrypted (and secure), your smart contract code is visible for all users of a blockchain to see.
- Assume your smart contract code needs to be readable. Not only is it possible to reverse engineer a contract, but the development community is fond of code sharing.
- Use a test network before pushing to the real blockchain. This should go without saying for any app, but you’ll want to test your blockchain app in a development environment before you push it out to the main blockchain network. Testing on a test net is vital to understanding how your blockchain app will behave in real life. If you’re developing an Ethereum-based app, Rinkeby is a great proof-of-stake (PoS) test environment.
- Store all contract funds in a separate wallet. When dealing with nearly untraceable tokens in the main network, it’s important to keep them safe in a separate wallet so you can avoid losing them to a bug or accident.
What makes testing blockchain apps unique?
Great software QA starts by understanding the desired user experience. But when it comes to process, testing blockchain-based apps requires the same strong foundation of testing as that of any app. With the right mindset and a solid knowledge of testing techniques and test automation, a skilled QA analyst should have no problem testing blockchain applications.
QA analysts need to be able to learn quickly, especially given how fast the early blockchain market is changing — new tools, frameworks, and technologies are coming online daily. It’s crucial to have a keen critical thinking ability to consider questions such as:
- Will transactions still execute if x, y, and z are not done?
- What happens if the network has lots of transactions waiting to be confirmed?
- What feedback is appropriate to the user in these cases?
- Or is this feedback exposing any security risks?
Below we highlight some points of attention for testing blockchain apps:
Functional blockchain app testing
Functional testing is the basis of any software testing — it’s where you determine if the software does what it is expected to do (and confirm that it doesn’t do what it should not do). Regarding integration of an app with a blockchain, it is pretty much like API testing: When you send information from your app to the blockchain, does it return the expected values? Can your app consistently connect to it and get consistent results? Is your blockchain able to handle all the use cases a production environment experiences? Automation helps greatly here since there are a LOT of values and possibilities to be explored.
Testing blockchain app security
The goal of security testing is to identify the threats in the system and identify its potential vulnerabilities. For example, if you have a blockchain app that works both for redeeming and storing tokens, you need to make sure that the information stored on the phone is safe, that the values spent within the app are correctly discounted from the user wallet and that all transfers are safe and not accessible by other people.
Blockchain app usability testing
Usability testing is the best way to understand how real users experience an app. A well-designed user test measures actual performance on mission-critical tasks. A blockchain transaction can take a while (and I mean a LONG while) to complete — if that transaction process takes place in the foreground and locks the user out of his phone, that’s a UX fail. Just like with other apps, keeping only the necessary information on the screen and moving all back-end processing out of the user’s way is the best solution. Keep them informed at all times of what’s going on, but let them do other stuff inside or out of your app.
Need help with your blockchain app? Let’s talk
So, blockchain app testing is not rocket science (though, as it turns out, we have a former rocket scientist who is heavily involved in BlockFirst, our blockchain development service). All the QA analyst needs is the correct mindset and focus on the best blockchain test strategy.
But still, getting started can be tricky. If you’re thinking about building a blockchain app or proof of concept, we’re happy to help in any way. Whether it’s helping you develop and test an app — or simply offering up advice — contact us to set up a time to talk.