Interesting project, Kristov. Two more ideas for fuzzing bitcoin txs: 
- random bit flipping from valid txs 
- random tx script generators:
  - from a grammar
  - from a stochastic grammar
  - from a random sequence of opcodes

I've made some really small experiments on fuzzing in the past [1][2], and I'm interested in helping out.

Best,
Manuel

[1] https://github.com/maraoz/json-fuzzer
[2] https://github.com/maraoz/bitcoin-fuzzer

On Tue, Sep 1, 2015 at 3:03 PM, Wladimir J. van der Laan via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
On Tue, Sep 01, 2015 at 04:59:15PM +0000, Monarch via bitcoin-dev wrote:

> which uses Bitcoin Core for validation.  If they aren't validating
> transactions before broadcast they won't make it more than a single
> hop through the P2P network so they are of minimum concern.

blockchain.info had some problems here for a while. They were not using a full validating node underneath:

- Signatures were not verified properly. This resulted in some panic when it looked like (on their site) a massive number of very old coins were being spent.

- They were relaying loose coinbase transactions. This caused them to be instantly banned from nodes they were connected to.

So there's certainly some scope for fun with fuzzing those APIs.

Wladimir

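The "random bit flipping from valid txs" idea from the list at the top of this message, as an added sketch that is not code from the thread or from the linked repositories. It assumes the legacy (pre-segwit) serialization; `parse_tx`, `fuzz`, `TxParseError` and the sample transaction are hypothetical names and constructed data, and the oracle is that the parser either accepts a mutant or rejects it with `TxParseError`.

```python
import random

class TxParseError(ValueError): pass  # the only exception parse_tx may raise

def read(buf, pos, n):
    if pos + n > len(buf):
        raise TxParseError("truncated")
    return buf[pos:pos + n], pos + n

def read_varint(buf, pos):
    b, pos = read(buf, pos, 1)  # widths for the 0xfd/0xfe/0xff prefixes, else 0
    raw, pos = read(buf, pos, {0xfd: 2, 0xfe: 4, 0xff: 8}.get(b[0], 0))
    return (int.from_bytes(raw, "little") if raw else b[0]), pos

def parse_tx(buf):  # legacy (pre-segwit) layout: version, inputs, outputs, locktime
    n_in, pos = read_varint(buf, 4)  # skip the 4-byte version
    ins, outs = [], []
    for _ in range(n_in):  # a huge flipped count fails on the first short read
        outpoint, pos = read(buf, pos, 36)
        slen, pos = read_varint(buf, pos)
        script, pos = read(buf, pos, slen)
        seq, pos = read(buf, pos, 4)
        ins.append((outpoint, script, seq))
    n_out, pos = read_varint(buf, pos)
    for _ in range(n_out):
        value, pos = read(buf, pos, 8)
        slen, pos = read_varint(buf, pos)
        script, pos = read(buf, pos, slen)
        outs.append((int.from_bytes(value, "little"), script))
    if pos + 4 != len(buf):  # exactly the 4-byte locktime must remain
        raise TxParseError("truncated or trailing bytes")
    return {"inputs": ins, "outputs": outs}

# Constructed 85-byte sample (not a real transaction): 1 input, 1 output of 50000 satoshi.
SAMPLE_TX = bytes.fromhex("0100000001" + "11" * 32 + "0000000000ffffffff" "01"
                          "50c3000000000000" "1976a914" + "22" * 20 + "88ac" "00000000")

def fuzz(seed_tx, rounds=2000, seed=1):
    rng, stats = random.Random(seed), {"parsed": 0, "rejected": 0}
    for _ in range(rounds):
        bits = int.from_bytes(seed_tx, "big")
        for _ in range(rng.randint(1, 4)):  # flip 1 to 4 random bits
            bits ^= 1 << rng.randrange(len(seed_tx) * 8)
        try:
            parse_tx(bits.to_bytes(len(seed_tx), "big"))
            stats["parsed"] += 1
        except TxParseError:  # any other exception propagates: that is a finding
            stats["rejected"] += 1
    return stats
```

Mutants that still parse are the ones worth passing on to script and signature validation, since they got past the structural checks.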