Looking for Lacunae in Bitcoin Core's Fuzzing Efforts

Alex Groce, Kush Jain, Rijnard Van Tonder, Goutamkumar Tulajappa Kalburgi, Claire Le Goues

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution

2 Scopus citations

Abstract

Bitcoin is one of the most prominent distributed software systems in the world. This paper describes an effort to investigate and enhance the effectiveness of the Bitcoin Core fuzzing effort. The effort initially began as a query about how to escape saturation in the fuzzing effort, but developed into a more general exploration. This paper summarizes the outcomes of a two-week focused effort. While the effort found no smoking guns indicating major test/fuzz weaknesses, it produced a large number of additional fuzz corpus entries, increased the set of fuzzers used for Bitcoin Core, and ran mutation analysis of Bitcoin Core fuzz targets, with a comparison to Bitcoin functional tests and other cryptocurrencies' tests. Our conclusion is that for high quality fuzzing efforts, improvements to the oracle may be the best way to get more out of fuzzing.

Original language: English (US)
Title of host publication: Proceedings - 2022 ACM/IEEE 44th International Conference on Software Engineering
Subtitle of host publication: Software Engineering in Practice, ICSE-SEIP 2022
Publisher: IEEE Computer Society
Pages: 185-186
Number of pages: 2
ISBN (Electronic): 9781665495905
State: Published - 2022
Event: 44th ACM/IEEE International Conference on Software Engineering: Software Engineering in Practice, ICSE-SEIP 2022 - Pittsburgh, United States
Duration: May 22 2022 - May 27 2022

Publication series

Name: Proceedings - International Conference on Software Engineering

Conference

Conference: 44th ACM/IEEE International Conference on Software Engineering: Software Engineering in Practice, ICSE-SEIP 2022
Country/Territory: United States
City: Pittsburgh
Period: 5/22/22 - 5/27/22

Keywords

  • fuzzing
  • mutation analysis
  • oracle strength
  • saturation
  • test diversity

ASJC Scopus subject areas

  • Software
