Differential Fuzzing of Bitcoin implementations and libraries. Note this project is a WIP and might be not stable.
cd modules/rustbitcoin
cd rust_bitcoin_lib && cargo build --release --target=aarch64-apple-darwin
cd .. && make
export CXXFLAGS="$CXXFLAGS -DRUST_BITCOIN"Change the target according to your architecture. You may need to modify the Makefile as well.
cd modules/rustminiscript
cd rust_miniscript_lib && cargo build --release --target=aarch64-apple-darwin
cd .. && make
export CXXFLAGS="$CXXFLAGS -DRUST_MINISCRIPT"For the script_eval target, we recommend to get Mako from https://github.com/brunoerg/mako/tree/bitcoinfuzz since there are some checks that should be skipped for better fuzzing.
cd modules/mako
export MAKO_LIB_PATH="path/to/libmako.a"
makecd modules/bitcoin
make
export CXXFLAGS="$CXXFLAGS -DBITCOIN_CORE"
export BOOST_LIB_DIR="path/to/boost/"Once the modules are compiled, you can compile bitcoinfuzz and execute it:
make
FUZZ=target_name ./bitcoinfuzz- sipa/miniscript: sipa/miniscript#140
- rust-miniscript: rust-bitcoin/rust-miniscript#633
- rust-bitcoin: rust-bitcoin/rust-bitcoin#2681
- btcd: btcsuite/btcd#2195 (API mismatch with Bitcoin Core)
- Bitcoin Core: #34
- rust-miniscript: rust-bitcoin/rust-miniscript#696 (not found but reproductive)
- rust-miniscript: #39
- rust-bitcoin: rust-bitcoin/rust-bitcoin#2891
- rust-bitcoin: rust-bitcoin/rust-bitcoin#2879
- btcd: btcsuite/btcd#2199
- rust-bitcoin: #57
- rust-bitcoin: CVE-2024-44073