Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic fuzzing based on XDR specs #1104

Open
brson opened this issue Oct 3, 2023 · 1 comment
Open

Automatic fuzzing based on XDR specs #1104

brson opened this issue Oct 3, 2023 · 1 comment

Comments

@brson
Copy link
Contributor

brson commented Oct 3, 2023

What problem does your feature solve?

Soroban contracts provide metadata to introspect contracts, enough to automatically generate randomized calls to the methods of a contract.

I have been suggested that it would be useful to use the XDR to generate a fuzzer automatically.

It's not clear exactly how useful this might be because writing a fuzzer tends to require understanding of what the program does, but it could e.g. detect reachable panics that don't call panic_with_error.

What would you like to see?

Not sure yet.

What alternatives are there?

This is similar to #414
@leighmcculloch
Copy link
Member

This is really intriguing idea. Could this be a fuzzer in the sense that we could do branch detection, or would this be more like property testing where the contract interface would be used to figure out what are valid inputs to generate for the tests?

This sounds useful even if we can't do branch detection of the wasm, so my question isn't intended to vote one way or the other, just understanding what the scope is.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@brson @leighmcculloch and others