Fuzzamoto

Fuzzamoto provides a framework and fuzzing engine for coverage-guided fuzzing of Bitcoin full node implementations.

Implementation Agnostic: The same tests can target different protocol implementations and compare their behavior (e.g. Bitcoin Core, btcd, libbitcoin, ...)
Holistic: Tests are performed on the full system, not just isolated components, enabling the discovery of bugs that arise from the composition of different components
Coverage-Guided: Fuzzing is guided by coverage feedback

It is not meant to be a replacement for traditional fuzzing of isolated components, but rather a complement to it.

Check out the book for more information.

Trophies

Project	Bug	Scenario
Bitcoin Core	`migratewallet` RPC assertion failure	`wallet-migration`
Bitcoin Core	`migratewallet` RPC assertion failure	`wallet-migration`
Bitcoin Core	assertion failure in `CheckBlockIndex`	`rpc-generic`
Bitcoin Core PR#30277	Remotely reachable assertion failure in `Miniketch::Deserialize`	`ir`
Bitcoin Core PR#28676	Assertion failure in `CTxMemPool::check()`	`ir`
Bitcoin Core	uncaught exception in IPC interface	`ipc-mining` (*)
btcd	bloom filters; panic: integer divide by zero	`ir`
btcd	addrv2; panic: invalid memory address or nil pointer dereference	`ir`
btcd	infinite wait in getdata handling	`ir`

Name		Name	Last commit message	Last commit date
Latest commit History 310 Commits
.github/workflows		.github/workflows
ci		ci
doc		doc
fuzzamoto-cli		fuzzamoto-cli
fuzzamoto-ir		fuzzamoto-ir
fuzzamoto-libafl		fuzzamoto-libafl
fuzzamoto-nyx-sys		fuzzamoto-nyx-sys
fuzzamoto-scenarios		fuzzamoto-scenarios
fuzzamoto		fuzzamoto
target-patches		target-patches
.gitignore		.gitignore
Cargo.lock		Cargo.lock
Cargo.toml		Cargo.toml
Dockerfile		Dockerfile
Dockerfile.coverage		Dockerfile.coverage
Dockerfile.coverage.generic		Dockerfile.coverage.generic
Dockerfile.libafl		Dockerfile.libafl
LICENSE		LICENSE
README.md		README.md