More mutation operations?

fuzzland / ityfuzz

Blazing Fast Bytecode-Level Hybrid Fuzzer for Smart Contracts

https://docs.ityfuzz.rs

MIT License

735 stars 116 forks source link

More mutation operations? #464

Closed qianqianpang closed 3 months ago

qianqianpang commented 3 months ago

Respected researchers and developers By reading your code, I found that the mutation stage implements mutation on ABI parameters, blockchain environment-related parameters, and state snapshots.

I would like to ask if you have implemented mutation operations on the functions (transaction sequence order) in the ABI structure.

shouc commented 3 months ago

Hi, state snapshots mutation is transaction sequence order mutation. For example:

Snapshot A: buy(1) => sell(1) Snapshot B: buy(2) => sell(2)

Input 1: Buy Tx on Snapshot A: buy(1) => sell(1) => buy(2), which derives Snapshot C (buy(1) => sell(1) => buy(2))

Snapshot Mutations on Input 1 can be:

Buy Tx on Snapshot B: buy(2) => sell(2) => buy(2)
Buy Tx on Snapshot C: buy(1) => sell(1) => buy(2) => buy(2)