nspcc-dev / neo-go

Go Node and SDK for the NEO blockchain
MIT License
Differential fuzzing of Neo Smart-Contract VMs (including neo-go) #3573

Open Slava0135 opened 1 week ago

Slava0135 commented 1 week ago

Recently, I stumbled upon the LibAFL paper, which had a reimplementation of another fuzzer called NeoDiff. The goal was to mutate smart contract byte code and look for differences in the VM state, leading to potential chain splits. This was done to Neo v2 Python and C# implementations (though it seems like the LibAFL version only fuzzed EVM implementations: 'go-ethereum' and 'openethereum', but not Neo, though the original work fuzzed it).

So the suggestion would be to make a differential fuzzer for Neo v3 VMs and try to find behavior differences (potentially harmful) in current VM implementations: 'Neo' (C#) / 'neo-go' (Go) / 'mamba' (Python).
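A minimal differential-fuzzing harness in Go, added here as an illustration and not code from neo-go, NeoDiff or LibAFL: two toy stack VMs (stand-ins for the real Neo VM implementations, with a made-up opcode set) execute the same mutated bytecode, and the harness reports the first program on which their final states differ. The opcodes, both VMs, the mutator and the deliberately planted discrepancy (SWAP on a stack with fewer than two items faults in one VM and is ignored in the other) are all constructed for this example.

```go
package main

import (
	"fmt"
	"math/rand"
)

// Toy opcodes (constructed for this example; NOT Neo VM opcodes).
const (
	opPush byte = iota // push the next code byte as an int64
	opAdd              // pop b, pop a, push a+b
	opSub              // pop b, pop a, push a-b
	opDup              // duplicate the top item
	opSwap             // exchange the two top items
	opDrop             // discard the top item
	opRet              // stop execution
	numOps
)

// State is the observable result the fuzzer compares across VMs.
type State struct {
	Stack []int64
	Fault bool // the program hit an invalid operation
}

// Implementation is any VM able to run the toy bytecode.
type Implementation func(code []byte) State

// runVM executes code. strictSwap selects the planted discrepancy:
// SWAP on a short stack is a FAULT (strict) or a no-op (lenient).
func runVM(code []byte, strictSwap bool) State {
	var st []int64
	fault := func() State { return State{Stack: st, Fault: true} }
	for pc := 0; pc < len(code); pc++ {
		switch code[pc] {
		case opPush:
			if pc+1 >= len(code) {
				return fault()
			}
			pc++
			st = append(st, int64(code[pc]))
		case opAdd, opSub:
			if len(st) < 2 {
				return fault()
			}
			a, b := st[len(st)-2], st[len(st)-1]
			st = st[:len(st)-2]
			if code[pc] == opAdd {
				st = append(st, a+b)
			} else {
				st = append(st, a-b)
			}
		case opDup:
			if len(st) < 1 {
				return fault()
			}
			st = append(st, st[len(st)-1])
		case opSwap:
			if len(st) < 2 {
				if strictSwap {
					return fault()
				}
				continue // lenient VM silently ignores the bad SWAP
			}
			st[len(st)-1], st[len(st)-2] = st[len(st)-2], st[len(st)-1]
		case opDrop:
			if len(st) < 1 {
				return fault()
			}
			st = st[:len(st)-1]
		case opRet:
			return State{Stack: st}
		default:
			return fault()
		}
	}
	return State{Stack: st}
}

// StrictVM and LenientVM are the two implementations under test.
func StrictVM(code []byte) State  { return runVM(code, true) }
func LenientVM(code []byte) State { return runVM(code, false) }

// SameState compares stacks by content, ignoring nil-vs-empty slices.
func SameState(a, b State) bool {
	if a.Fault != b.Fault || len(a.Stack) != len(b.Stack) {
		return false
	}
	for i := range a.Stack {
		if a.Stack[i] != b.Stack[i] {
			return false
		}
	}
	return true
}

// mutate copies code and applies one random edit: replace, insert or delete
// a byte. New bytes are drawn from the opcode range so most mutants decode.
func mutate(rng *rand.Rand, code []byte) []byte {
	out := append([]byte(nil), code...)
	op := byte(rng.Intn(int(numOps)))
	switch rng.Intn(3) {
	case 0:
		if len(out) == 0 {
			return append(out, op)
		}
		out[rng.Intn(len(out))] = op
	case 1:
		i := rng.Intn(len(out) + 1)
		out = append(out[:i], append([]byte{op}, out[i:]...)...)
	case 2:
		if len(out) > 0 {
			i := rng.Intn(len(out))
			out = append(out[:i], out[i+1:]...)
		}
	}
	return out
}

// Divergence records a program on which the two VMs disagree.
type Divergence struct {
	Program []byte
	A, B    State
}

// FindDivergence mutates seed programs for iters rounds (mutants join the
// corpus) and returns the first program whose final state differs, or nil.
func FindDivergence(a, b Implementation, seeds [][]byte, iters int, rngSeed int64) *Divergence {
	rng := rand.New(rand.NewSource(rngSeed))
	corpus := append([][]byte(nil), seeds...)
	for i := 0; i < iters; i++ {
		prog := mutate(rng, corpus[rng.Intn(len(corpus))])
		sa, sb := a(prog), b(prog)
		if !SameState(sa, sb) {
			return &Divergence{Program: prog, A: sa, B: sb}
		}
		corpus = append(corpus, prog)
	}
	return nil
}

func main() {
	seeds := [][]byte{{opPush, 1, opPush, 2, opAdd, opRet}, {opPush, 7, opDup, opSub, opRet}}
	if d := FindDivergence(StrictVM, LenientVM, seeds, 10000, 1); d != nil {
		fmt.Printf("divergence on % x\n strict:  %+v\n lenient: %+v\n", d.Program, d.A, d.B)
	} else {
		fmt.Println("no divergence found")
	}
}
```

Against the real implementations the two `Implementation` functions would wrap the C#, Go and Python VMs (for example via a small RPC or subprocess shim) and `State` would carry whatever the chosen oracle exposes: evaluation stack, fault state, gas consumed, and notifications. The structure of the loop, mutate a seed, run it everywhere, compare, keep mutants as new seeds, is what NeoDiff-style differential fuzzing amounts to; the planted SWAP discrepancy shows how a single lenient edge case in one node surfaces as a state mismatch that could become a chain split.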

Slava0135 commented 1 week ago

I haven't started working on this yet, wanted to get some opinions.

AnnaShaleva commented 1 week ago

It would be helpful for us to do such research, especially for Go/C# implementations and various sets of edge cases. We have a set of VM compatibility tests with the C# node (integrated as a VM git submodule), and currently there are no known incompatibility issues for our VMs, but maybe you'll manage to find something.

In general, some unexpected bugs may be found by fuzzing, so vote up from my side for the proposed experiment.