Published on: 2015-09-01T18:22:51+00:00
In an email exchange on September 1, 2015, Monarch shared two ideas with Kristov for fuzzing bitcoin transactions. The first idea involved random bit flipping from valid transactions, while the second idea included random transaction script generators, including generators from a grammar, a stochastic grammar, and a random sequence of opcodes. Manuel expressed interest in contributing to the project and shared links to his past experiments on fuzzing.Wladimir J. van der Laan responded to Monarch's email and commented on blockchain.info's problems with validation. He pointed out that blockchain.info was not using a full validating node, which led to issues such as improper signature verification and loose coinbase transaction relaying. These problems resulted in instant banning from connected nodes. Wladimir suggested that there is potential for fun with fuzzing those APIs.In a Bitcoin developer forum, Monarch raised concerns about nodes that do not validate transactions before broadcasting them. This lack of validation made them of minimum concern to the P2P network. Blockchain.info experienced problems related to this as they were not using a full validating node underneath. This led to improper verification of signatures and panic when it seemed like a massive number of old coins were being spent on their site. They were also relaying loose coinbase transactions, which caused an instant ban from connected nodes. Wladimir mentioned that there is potential for mischief with fuzzing those APIs.In the same forum thread, Kristov Atlas expressed interest in developing a fuzzer for push tx APIs but couldn't find one after a brief search. He asked if anyone had found otherwise or was engaged in writing one. Jonas Nick provided two links to Bitcoin Consensus Test Cases and his blog post on fuzzing Bitcoin Consensus. According to Nick, the only implementations with significant network presence are btcd and Bitcoin Core. Fuzzing these services should be sufficient if they validate transactions using either of the two. Atlas had also mentioned two implementations based on Insight that use Bitcoin Core for validation. If these implementations don't validate transactions before broadcast, they won't make it beyond a single hop through the P2P network and are of minimal concern.The writer of this message is seeking a fuzzer for push tx APIs that can send random data and fuzz specific aspects of the transaction format. They have conducted a brief search but haven't found one. The writer lists several endpoints they would like to test, such as https://live.blockcypher.com/btc-testnet/pushtx/, https://insight.bitpay.com/tx/send, https://blockchain.info/pushtx, and others. The desired fuzzer should be capable of fuzzing valid and invalid script formats and changing the order of op codes, among other things. The writer is also open to recommendations on how such a fuzzer should be structured. Finally, the writer invites anyone interested in collaborating to contact them via private message.
Updated on: 2023-08-01T15:55:18.322653+00:00