1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
Return-Path: <kristovatlas.lists@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 22AD61046
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 1 Sep 2015 15:50:37 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com
[209.85.214.182])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 635F6202
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 1 Sep 2015 15:50:36 +0000 (UTC)
Received: by obbbh8 with SMTP id bh8so2899868obb.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 01 Sep 2015 08:50:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=E2sGb+aaSophpT2EVDInvCNV8e2zB9dDIQaGbbwVo0k=;
b=sfjQGxtdr8KV5XTF5W/jYDm93zTmHZWTRUcbZUnbKH6Jt49wsDSMX9YtuydRZQ9i4f
eF0vHt6ilLJbCX0MQF/KSRPdESBvS5EU3s0pFLGPxRLMp0b09yqpzgkWkZjt9LZGKwn2
AnaQlUl1JNy4lm+xaJQ+/7C8vLlp9T4dD8P8f8tE2ssOzU78mPNTO+cYO5KzfDr5COzM
mp+dnv14REvtuP1cIDkdgevhFrP5K4t+4d+hBwHIQyTTInnWbXGUew9isVEIbxVMNfQW
3il/z/wA6sEXE3wYOx1Ft2MBtM/Jj5w/4P9W9CKReZEoXDIqIKHswgYBp81mbILrwA38
PhGg==
MIME-Version: 1.0
X-Received: by 10.60.125.8 with SMTP id mm8mr18174788oeb.73.1441122635748;
Tue, 01 Sep 2015 08:50:35 -0700 (PDT)
Received: by 10.202.183.215 with HTTP; Tue, 1 Sep 2015 08:50:35 -0700 (PDT)
Date: Tue, 1 Sep 2015 11:50:35 -0400
Message-ID: <CAGH37S+daPddzwo1bJ0sPs3RfLOE63TPkCrc-X6qhNw7nu6=Xg@mail.gmail.com>
From: Kristov Atlas <kristovatlas.lists@gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org
Content-Type: multipart/alternative; boundary=047d7b339b21c818b9051eb18287
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: [bitcoin-dev] push tx fuzzing
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2015 15:50:37 -0000
--047d7b339b21c818b9051eb18287
Content-Type: text/plain; charset=UTF-8
I am interested in finding or writing a fuzzer for push tx APIs. I did not
find one after a brief search. Has anyone found otherwise, or is she in the
process of writing one?
If not, what features would people recommend for a new push tx fuzzer?
Endpoints I would like to test include:
https://live.blockcypher.com/btc-testnet/pushtx/
https://insight.bitpay.com/tx/send
https://blockchain.info/pushtx
https://coinb.in/#broadcast
https://btc.blockr.io/tx/push
https://chain.localbitcoins.com/tx/send
The fuzzer should be able to send random data, invalid characters, etc. but
also fuzz particular aspects of the transaction format such as malformed
P2SH and P2PKH transactions, fields such as lock time, size, # inputs,
version number, vin size, etc. It should also be able to fuzz a variety of
valid and invalid script formats using odd op codes, changing the order of
op codes, etc.
If anyone has recommendations about how such a fuzzer should be structured,
please let me know.
Finally, if you are interested in collaborating, please contact me via
private message.
Thanks!
Kristov
--047d7b339b21c818b9051eb18287
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div><font size=3D"2"><span style=3D"font-family:arial,hel=
vetica,sans-serif">I am interested in finding or writing a fuzzer for push =
tx APIs. I did not find one after a brief search. Has anyone found otherwis=
e, or is she in the process of writing one?<br><br></span></font></div><div=
><font size=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif">If=
not, what features would people recommend for a new push tx fuzzer? <br><b=
r></span></font></div><div><font size=3D"2"><span style=3D"font-family:aria=
l,helvetica,sans-serif">Endpoints I would like to test include:<br></span><=
/font><p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom=
:0pt" id=3D"docs-internal-guid-1fad767d-8992-5f4f-2af3-4b5bbf41c9d0"><font =
size=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif"><span sty=
le=3D"color:rgb(0,0,0);background-color:transparent;font-weight:400;font-st=
yle:normal;font-variant:normal;text-decoration:none;vertical-align:baseline=
"><a href=3D"https://live.blockcypher.com/btc-testnet/pushtx/">https://live=
.blockcypher.com/btc-testnet/pushtx/</a></span></span></font></p><p dir=3D"=
ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font size=
=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif"><span style=
=3D"color:rgb(0,0,0);background-color:transparent;font-weight:400;font-styl=
e:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">=
<a href=3D"https://insight.bitpay.com/tx/send">https://insight.bitpay.com/t=
x/send</a></span></span></font></p><p dir=3D"ltr" style=3D"line-height:1.38=
;margin-top:0pt;margin-bottom:0pt"><font size=3D"2"><span style=3D"font-fam=
ily:arial,helvetica,sans-serif"><span style=3D"color:rgb(0,0,0);background-=
color:transparent;font-weight:400;font-style:normal;font-variant:normal;tex=
t-decoration:none;vertical-align:baseline"><a href=3D"https://blockchain.in=
fo/pushtx">https://blockchain.info/pushtx</a></span></span></font></p><p di=
r=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font=
size=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif"><a href=
=3D"https://coinb.in/#broadcast" style=3D"text-decoration:none"><span style=
=3D"color:rgb(17,85,204);background-color:transparent;font-weight:400;font-=
style:normal;font-variant:normal;text-decoration:underline;vertical-align:b=
aseline">https://coinb.in/#broadcast</span></a></span></font></p><p dir=3D"=
ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font size=
=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif"><span style=
=3D"color:rgb(0,0,0);background-color:transparent;font-weight:400;font-styl=
e:normal;font-variant:normal;text-decoration:none;vertical-align:baseline">=
<a href=3D"https://btc.blockr.io/tx/push">https://btc.blockr.io/tx/push</a>=
</span></span></font></p><p dir=3D"ltr" style=3D"line-height:1.38;margin-to=
p:0pt;margin-bottom:0pt"><font size=3D"2"><span style=3D"font-family:arial,=
helvetica,sans-serif"><span style=3D"color:rgb(0,0,0);background-color:tran=
sparent;font-weight:400;font-style:normal;font-variant:normal;text-decorati=
on:none;vertical-align:baseline"><a href=3D"https://chain.localbitcoins.com=
/tx/send">https://chain.localbitcoins.com/tx/send</a></span></span></font><=
/p><p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0p=
t"><br><font size=3D"2"><span style=3D"font-family:arial,helvetica,sans-ser=
if"></span></font></p><p style=3D"line-height:1.38;margin-top:0pt;margin-bo=
ttom:0pt"><font size=3D"2"><span style=3D"font-family:arial,helvetica,sans-=
serif">The fuzzer should be able to send random data, invalid characters, e=
tc. but also fuzz particular aspects of the transaction format such as malf=
ormed P2SH and P2PKH transactions, fields such as lock time, size, # inputs=
, version number, vin size, etc. It should also be able to fuzz a variety o=
f valid and invalid script formats using odd op codes, changing the order o=
f op codes, etc.</span></font></p><p style=3D"line-height:1.38;margin-top:0=
pt;margin-bottom:0pt"><br><font size=3D"2"><span style=3D"font-family:arial=
,helvetica,sans-serif"></span></font></p><p style=3D"line-height:1.38;margi=
n-top:0pt;margin-bottom:0pt"><font size=3D"2"><span style=3D"font-family:ar=
ial,helvetica,sans-serif">If anyone has recommendations about how such a fu=
zzer should be structured, please let me know.</span></font></p><p style=3D=
"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><br><font size=3D"2"><s=
pan style=3D"font-family:arial,helvetica,sans-serif"></span></font></p><p s=
tyle=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font size=3D"2"=
><span style=3D"font-family:arial,helvetica,sans-serif">Finally, if you are=
interested in collaborating, please contact me via private message.</span>=
</font></p><p style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><=
br><font size=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif">=
</span></font></p><p style=3D"line-height:1.38;margin-top:0pt;margin-bottom=
:0pt"><font size=3D"2">Thanks!</font></p><p style=3D"line-height:1.38;margi=
n-top:0pt;margin-bottom:0pt"><font size=3D"2">Kristov</font><br></p><p styl=
e=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font size=3D"2"><s=
pan style=3D"font-family:arial,helvetica,sans-serif"></span></font></p><p d=
ir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt"><fon=
t size=3D"2"><span style=3D"font-family:arial,helvetica,sans-serif"><span s=
tyle=3D"color:rgb(0,0,0);background-color:transparent;font-weight:400;font-=
style:normal;font-variant:normal;text-decoration:none;vertical-align:baseli=
ne"></span></span></font></p><font size=3D"2"><span style=3D"font-family:ar=
ial,helvetica,sans-serif"></span></font></div></div>
--047d7b339b21c818b9051eb18287--
|
