# Add Regression Tests After Fixing Vulnerabilities

Whether a vulnerability is found during a **security review** or after deployment, it's important to write a test that **simulates the exploit attempt** and verifies it **fails (reverts)** after the fix. This helps:

* Prevent future regressions of the same vulnerability.
* Document the exploit in a reproducible and testable way.
* Strengthen long-term security through test coverage.

> ⚠️ **Limitation**: These tests typically cover only one exploit path. Variations may still exist that trigger the same underlying flaw.

## ✅ Recommendations to Strengthen This Practice:

* **Generalize the test** to detect similar exploit vectors.
* **Write invariant tests** to enforce critical safety conditions across a wide input space.
* **Use property-based fuzzing tools** to explore unseen inputs.
* **Document assumptions** (e.g., actor roles, balances, states) within the test.

This layered approach helps secure the fix and future-proofs the protocol against regressions of the same bug class.
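As an added illustration (not code from this documentation or from any audited project), the Foundry test file below pairs a single-path regression test with a fuzzed generalization and an invariant. The `Vault` contract, its earlier bug, and the `victim` and `attacker` actors are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Hypothetical Vault (assumption): an earlier version subtracted inside `unchecked` with no balance check.
contract Vault {
    mapping(address => uint256) public balanceOf;
    function deposit() external payable { balanceOf[msg.sender] += msg.value; }
    function withdraw(uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient balance"); // the fix under test
        balanceOf[msg.sender] -= amount;
        (bool ok,) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

contract VaultRegressionTest is Test {
    Vault vault;
    address victim = makeAddr("victim");     // assumption: honest depositor holding 10 ether in the vault
    address attacker = makeAddr("attacker"); // assumption: no deposit, no privileged role

    function setUp() public {
        vault = new Vault();
        vm.deal(victim, 10 ether);
        vm.prank(victim);
        vault.deposit{value: 10 ether}();
    }

    // Regression: the one reported path must revert after the fix.
    function test_RevertWhen_WithdrawWithoutDeposit() public {
        vm.prank(attacker);
        vm.expectRevert("insufficient balance");
        vault.withdraw(1 ether);
    }

    // Generalized: any caller asking for more than their own recorded balance must revert.
    function testFuzz_RevertWhen_WithdrawExceedsBalance(address caller, uint256 amount) public {
        amount = bound(amount, vault.balanceOf(caller) + 1, type(uint256).max);
        vm.prank(caller);
        vm.expectRevert("insufficient balance");
        vault.withdraw(amount);
    }

    // Invariant: across random call sequences, the vault still holds what it owes the victim.
    function invariant_VaultCoversVictimBalance() public {
        assertGe(address(vault).balance, vault.balanceOf(victim));
    }
}
```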


