Referendum #942
Treasury Spend #7

#7·Phink – ink! fuzzer for security and robustness

Treasury
3mos ago
10 Comments
Paid
  • Content
  • AI Summary
Reply
Up
Share
Request
198.1KUSDt
Beneficiary
This spend has been paid. Check the beneficiary
  • Metadata
  • Timeline2
Comments

How much of the codebase will be extendible for future non-Ink! smart contract development plans i.e. PolkaVM, Plaza and so on.
Will those require a new repository for fuzzing tools significantly different or is there any chance to bootstrap those in the future from this repo? We have voted AYE already because fuzzing remains an important element in smart contract development's pipelines.

Reply
Up

Hey @SRLabs,

Thanks for the proposal, I've got a couple questions:

  1. How does this tool compare to existing fuzzer/fuzzer-runner available for rust, like the very popular cargo-fuzz?
  2. Can you expand on this point: "developer-specific and common smart contract invariants"? Pardon my ignorant, but as I understand, invariants here are basically test cases that need to be defined by developer, right?
  3. After having clarified the above 2 points & taking into account that most heavy lifting is done by the "actual" fuzzer. How does this proposal justify the cost of USD 200,000 for 4 months of work?
  4. Finally, since this is a very technical heavy proposal, it would be great if you can provide code snippets for any question answered if possible.
Reply
Up