oxen-io / lokinet

Lokinet is an anonymous, decentralized and IP based overlay network for the internet.
https://lokinet.org/
GNU General Public License v3.0

Community fuzzing to discover and mitigate new vulnerabilities #1353

Open frankwalter1301 opened 4 years ago

frankwalter1301 commented 4 years ago

Project Tor has devoted a lot of resources to create a fuzzer that any user has the ability to start and keep in the background on the computer, as a sort of SETI@home, and send reports of any crashes, to try to find as many vulnerabilities as possible. I propose to do a similar thing with this project too, perhaps in the long term do something to integrate it into the blockchain and have a sort of reward (I think that a Proof of Crash is possible to implement, precisely due to the property of being replicable, and perhaps a reward based on the "offer" of vulnerabilities). I think it is essential to make this project excellent also from this point of view, and the language used does not help.

majestrate commented 4 years ago

if you can figure out how to do a distributed proof of crash i'd love to use it.

majestrate commented 4 years ago

also a fuzzer sounds like an interesting thing to put into the relay testing suite.

frankwalter1301 commented 4 years ago

if you can figure out how to do a distributed proof of crash i'd love to use it.

A Proof of Crash can be decentralized when combined with a PoW. The binary of a client version suitable to be conveniently fuzzed is published, and the hash and the version are written by the developers on the blockchain. The various nodes download it from a hard-coded server in the client and verify it; if desired the distribution system can also be P2P, but right now I don't see the reason since the same client is distributed by a server. The binary is compiled using a library OS such as Graphene library OS and is run by nodes or miners who want to verify the crash with a minimal, lightweight and secure hypervisor, so that everything is cross-platform, isolated and replicable. Fuzzers can compile it like a normal application, of course. So the system is very simple: the fuzzers find a possible vulnerability, they forge a transaction containing the arguments to replicate the crash, the fuzzed client version (which must be the latest) and the reward due to them, and they broadcast it; the miners verify that everything is in order, including that the crash has not been found previously for the same version, and they replicate the crash in the safe environment, and if everything is ok they add it in a block. When nodes have to verify a block containing a similar transaction they also replicate the crash as miners did. Since the same crash can be induced with somewhat different arguments, and also different crashes can be the result of the same bug, there is the need to add more checks when the miner or the node is verifying for duplicates, like the instructions the program is executing or something like that, and maybe use something like Locality-sensitive hashing for cpu registers.

frankwalter1301 commented 4 years ago

Actually, an entire hypervisor is useless since it would increase the attack surface by a lot, emulation without acceleration can work without any particular privileges and the performance cut in this case is not a problem.

majestrate commented 4 years ago

this doesn't really sound very practical. at least at this phase.


frankwalter1301 commented 4 years ago

You're right, as I said a proof of crash is an idea for the future. Anyway I opened the issue only to recommend to package a fuzzer for a community thing.