Mutation testing comes to DAML
Trail of Bits announced that its open-source mutation-testing engine, Mewt, now supports DAML, the language used for Canton Network applications. Mewt reads DAML source code, generates several classes of mutants—including two specifically designed for DAML's authorization primitives—and runs them through the user's existing test suite to count how many mutants survive. The tool is available from the repository and configured via a mewt.toml file. The blog post argues that DAML's built-in coverage measures, which report template and choice execution, can be misleading because they do not verify whether tests actually check the outcome of a choice. Mutation testing addresses this by deliberately introducing small changes (mutants) into the code and checking if the test suite catches them. A mutant that passes all tests is a survivor, indicating a gap in the test suite. The post highlights that authorization logic in DAML is particularly error-prone, as typos in controller clauses or missing parties can go undetected by static analysis. Happy-path tests that supply all required signatures do not test negative cases, such as removing a required signature to verify it is enforced. Mutation testing forces these unhappy paths, revealing whether tests actually validate authorization rules.
Mutation testing reveals hidden gaps in DAML test suites that traditional coverage metrics miss.