配置区块链共识漏洞检测工具
Fluffy Yang Y, Kim T, Chun B G. Finding consensus bugs in ethereum via multi-transaction differential fuzzing[C]//15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 21). 2021: 349-365.
项目地址:https://github.com/snuspl/fluffy
1 2 git clone https://github.com/snuspl/fluffy sudo docker build -t fuzzer .
发现存在ethereum-forkid和aes包的依赖问题
修改Cargo.toml,增加
ethereum-forkid = "0.12.0"
以及
1 2 3 4 5 6 7 [patch.crates-io] syn = { git = "https://github.com/johnyangk/syn", branch = "fix", optional = true } aes = { git = "https://github.com/RustCrypto/block-ciphers",rev="aes-v0.3.2"} aes-soft = { git = "https://github.com/RustCrypto/block-ciphers",rev = "aes-soft-v0.3.0"} aesni = { git = "https://github.com/RustCrypto/block-ciphers",rev = "aesni-v0.6.0"} block-cipher-trait = { git = "https://github.com/RustCrypto/traits", rev = "block-cipher-trait-v0.6.0" } stream-cipher = { git = "https://github.com/RustCrypto/traits", rev = "stream-cipher-v0.3.0"}
问题诸多,相关问题已经在issue 中提出
LOKI https://github.com/ConsensusFuzz/LOKI/tree/main
缺少对Geth的实现以及与本地冲突