Brink is excited to announce continued support for Niklas Gögge in his open source Bitcoin Core development work. Niklas’ contributions towards testing, and in particular fuzz testing, is important to secure Bitcoin Core and uncover critical bugs.
In a security-focused project like Bitcoin Core, testing is critical. Bitcoin Core unit tests are written in C++ using the Boost libraries to quickly test components of the codebase in isolation (see the bech32 unit tests for example). Bitcoin Core functional tests are written in python to test features of the software, involving multiple components working together (see the P2P ping functional tests).
A more cutting-edge type of testing is fuzz testing where software repeatedly calls into portions of the codebase using inputs generated automatically by a fuzzing engine instead of manually by the test writer. When done continuously, fuzzing can be used to expand test coverage and uncover bugs. For example, fuzzing can generate a series of specially-crafted P2P messages that leads to a crash, memory leak, or inconsistent internal state. As Bitcoin Core nodes are constantly exposed to anonymous peers on the network, a crash bug in the P2P message processing code could be catastrophic.
As a form of automated software testing, fuzzing can scale (to some extent) with the amount of computation allocated to it and often finds edge cases that were missed during manual code review. Bitcoin Core participates in OSS-Fuzz, Google’s continuous fuzzing program, in addition to contributors running fuzzing infrastructure and contributing new inputs back to the growing body of fuzzing corpora.
Fuzz testing initiatives in Bitcoin Core have found several important bugs over the years, with Fuzz Trophies noting some of them.
Niklas has been working on Bitcoin Core’s fuzz testing initiatives including increasing the number of fuzz-testable targets (~200 currently) and refactoring P2P net processing to be more fuzzer-friendly.
Niklas recently gave a presentation about fuzz testing in Bitcoin Core. The outline of the presentation is:
- Fuzzing
- What is it? Why do it?
- Coverage guided fuzzers
- Bug Oracles (Sanitizers, Differential Fuzzing, etc.)
- Best practices for targets
- Bitcoin Core
- Fuzzing Infrastructure
- How/what to contribute
A PDF copy of Niklas’ slides is available for download and a recording of the presentation provided below.
About Brink
Brink is a Bitcoin research and development centre, founded in 2020 to support independent open source protocol developers and mentor new contributors. If you or your organization is interested in supporting open source Bitcoin development, feel free to email us, donate@brink.dev.
Developers interested in the grant program can apply now.
Keep in touch
Subscribe to the Brink newsletter for future blog posts.