Manuel Aráoz [ARCHIVE] on Nostr: 📅 Original date posted:2015-09-01 📝 Original message:Interesting project, ...
📅 Original date posted:2015-09-01
📝 Original message:Interesting project, Kristov. Two more ideas for fuzzing bitcoin txs:
- random bit flipping from valid txs
- random tx script generators:
- from a grammar
- from a stochastic grammar
- from a random sequence of opcodes
I've made some really small experiments on fuzzing in the past [1][2], and
I'm interested in helping out.
Best,
Manuel
[1] https://github.com/maraoz/json-fuzzer
[2] https://github.com/maraoz/bitcoin-fuzzer
On Tue, Sep 1, 2015 at 3:03 PM, Wladimir J. van der Laan via bitcoin-dev <
bitcoin-dev at lists.linuxfoundation.org> wrote:
> On Tue, Sep 01, 2015 at 04:59:15PM +0000, Monarch via bitcoin-dev wrote:
>
> > which uses Bitcoin Core for validation. If they aren't validating
> > transactions before broadcast they won't make it more than a single
> > hop through the P2P the network so they are of minimum concern.
>
> blockchain.info had some problems here for a while. They were not using a
> full validating node underneath:
>
> - Signatures were not verified properly. This resulted in some panic when
> it looked like (on their site) a massive number of very old coins were
> being spent.
>
> - They were relaying loose coinbase transactions. This caused them to be
> instantly banned from nodes they were connected to.
>
> So there's certainly some scope for fun with fuzzing those APIs.
>
> Wladimir
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150901/95e7353c/attachment.html>
📝 Original message:Interesting project, Kristov. Two more ideas for fuzzing bitcoin txs:
- random bit flipping from valid txs
- random tx script generators:
- from a grammar
- from a stochastic grammar
- from a random sequence of opcodes
I've made some really small experiments on fuzzing in the past [1][2], and
I'm interested in helping out.
Best,
Manuel
[1] https://github.com/maraoz/json-fuzzer
[2] https://github.com/maraoz/bitcoin-fuzzer
On Tue, Sep 1, 2015 at 3:03 PM, Wladimir J. van der Laan via bitcoin-dev <
bitcoin-dev at lists.linuxfoundation.org> wrote:
> On Tue, Sep 01, 2015 at 04:59:15PM +0000, Monarch via bitcoin-dev wrote:
>
> > which uses Bitcoin Core for validation. If they aren't validating
> > transactions before broadcast they won't make it more than a single
> > hop through the P2P the network so they are of minimum concern.
>
> blockchain.info had some problems here for a while. They were not using a
> full validating node underneath:
>
> - Signatures were not verified properly. This resulted in some panic when
> it looked like (on their site) a massive number of very old coins were
> being spent.
>
> - They were relaying loose coinbase transactions. This caused them to be
> instantly banned from nodes they were connected to.
>
> So there's certainly some scope for fun with fuzzing those APIs.
>
> Wladimir
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150901/95e7353c/attachment.html>