Skip to content

sdjasj/BCFuzzer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
experiment_data
experiment_data
 
 
source_code
source_code
 
 
README.md
README.md
 
 
push.sh
push.sh
 
 

Repository files navigation

BCFuzzer

As a decentralized system, blockchain allows different nodes to have divergent configuration items. However,this inevitably introduces more complex configuration handling logic and a higher likelihood of bugs. Thesebugs are called blockchain configuration bugs (BCBs). BCBs can have severe consequences, including nodecrashes and consensus failures, posing significant threats to the security and availability of the blockchainsystems. Unfortunately, existing blockchain testing tools fail to leverage unique characteristics of divergentblockchain configurations, making it difficult to conduct effective and efficient testing for BCBs.In this work, we present BCFuzzer, a framework to detect blockchain configuration bugs by divergentconfiguration fuzzing. First, BCFuzzer proposes a mutation rule model to identify and mutate the divergentconfiguration items, triggering various configuration handling scenarios. Second, BCFuzzer introduces amulti-node configuration scheduling method to allocate diverse configurations to individual nodes, therebyaccelerating the testing process. Finally, BCFuzzer designs two oracles based on runtime node behaviors tocapture the security and availability issues caused by BCBs. We implemented and evaluated BCFuzzer onfive widely-used commercial blockchain platforms: Go-Ethereum, Aptos, Sei, FISCO BCOS, and Chainmaker.Totally, BCFuzzer discovered 24 previously unknown BCBs and outperforms state-of-the-art tools.

Repo Structure

To help users understand the repository structure of Chord, we provide the following explanation:

source_code: the source code of BCFuzzer in 4 blockchain systems

  • Aptos
  • chainmaker
  • fisco
  • geth

experiment_data: All experimental data is located in the experiment_data directory.

  • evaluation1
    • Relevant configuration files of BCB triggered by BCFuzzer in five blockchain systems.
  • evaluation2
    • Relevant data from the ablation experiment of MEI conducted by BCFuzzer in Experiment Two. Specifically, the test results of 1,000 test cases generated by BCFuzzer and $BCFuzzer_{noMEI}$​ on five blockchains.
  • evaluation3
    • Relevant data from the ablation experiment of the Multi-node Configuration Scheduler conducted by BCFuzzer in Experiment Three. Specifically, the number of test cases generated and tested by BCFuzzer and $BCFuzzer_{noSche} $within 24 hours on five blockchains.

Quickstart

BCFuzzer for Go-Ethereum

prerequisites

Setup Go-Ethereum network environment, can be found in https://geth.ethereum.org/docs/fundamentals/private-network

setup Go-Ethereum testnet & start testing

cd source_code/geth
python3 main.py

BCFuzzer for Aptos

prerequisites

Setup Aptos network environment, can be found in https://aptos.dev/en/build/get-started

setup Aptos testnet & start testing

cd source_code/Aptos
python3 main.py

BCFuzzer for FISCO BCOS

prerequisites

Setup fisco network environment, can be found in https://fisco-bcos-doc.readthedocs.io/zh-cn/latest/docs/quick_start/air_installation.html

setup FISCO BCOS testnet & start testing

cd source_code/fisco
python3 main.py

BCFuzzer for ChainMaker

prerequisites

Setup ChainMaker network environment, can be found in https://docs.chainmaker.org.cn/v2.3.5/html/

setup ChainMaker testnet & start testing

cd source_code/fisco
python3 main.py

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages