CN116662207B - Fuzzy test method for block chain network - Google Patents

Abstract

The invention discloses a method for performing fuzzy test on a blockchain network, which comprises the following steps: generating high-quality seeds for fuzzy test according to the parameter types transmitted by the RPC interface; changing the mode of each RPC interface for acquiring data; and (5) fuzzy test. According to the invention, the high-quality seeds are generated according to the RPC interface, the fuzzy test data are modified to be acquired from the local fuzzy tester, and the fuzzy test manager is deployed to implement the optimized test strategy on the blockchain network, so that the more comprehensive test on the blockchain network is effectively realized, the test coverage rate of the blockchain network is improved, the test efficiency is high, the response is quick, and the practicability is strong.

Description

A method for fuzz testing blockchain networks

Technical Field

The present invention relates to a method for performing fuzzy testing on a blockchain network, and belongs to the technical field of blockchain security.

Background technique

Currently, there are relatively few fuzz testing methods for blockchain networks. Existing methods usually test a module of the blockchain network, such as smart contracts, consensus algorithms, virtual machines, or encryption algorithms, or perform tests on specific vulnerability analysis and mining of the blockchain network. Obviously, there are limitations in test coverage.

The Chinese invention patent application with application publication number CN115357902A proposes a fuzz testing method for blockchain systems, which uses Web3 to manually analyze the underlying blockchain code, locate the weak code, construct the weak seed, and manually construct the corresponding weakness detection code, and then uses the fuzz testing method to test the blockchain system. Obviously, it focuses on discovering vulnerabilities in specific aspects of the blockchain system, and it is difficult to cover the overall situation of the blockchain system. In addition, the test coverage focuses on covering the code related to specific weaknesses, and the overall test coverage is not considered. For example, the code logic of querying blockchain transactions, querying blocks, the latest status of the blockchain, and querying transaction fees in the test blockchain system is not considered. In addition, this method sends network data through Web3 for fuzz testing. This method of fuzz testing through network protocols is inefficient.

The Chinese invention patent application with application publication number CN114357459A proposes an information security detection method for blockchain systems. It performs security detection on each layer of the blockchain system and needs to build a vulnerability database. However, the fuzzy testing method mentioned therein only performs security detection on the smart contracts of the blockchain system, and the test coverage is low.

Summary of the invention

The purpose of the present invention is to provide a method for performing fuzzy testing on a blockchain network, which solves the problem of low test coverage for a blockchain network in the prior art.

In order to achieve the above object, the present invention adopts the following technical solutions:

A method for fuzz testing a blockchain network, comprising the steps of:

1) Generate a high-quality seed for fuzz testing according to the parameter type transmitted by the RPC interface, wherein the high-quality seed is used to represent a test seed supporting the parameter type transmitted by the RPC interface;

2) Change the way each RPC interface obtains data;

3) Use the high-quality seeds to perform fuzz testing on the blockchain network.

In the specific implementation, step 1) specifically includes:

1-1) Arrange all types corresponding to the RPC interface transmission parameters involved in the blockchain network and define a parameter type set P;

1-2) Generate seed data for different parameter types of the parameter type set P respectively;

1-3) Arrange the parameter types corresponding to each of the RPC interfaces;

1-4) Generate high-quality seeds for the randomly selected RPC interface and establish a seed database for fuzz testing.

In a specific implementation, a preferred solution is that the step 1-4) includes: randomly selecting one of the RPC interfaces, generating seeds as high-quality seeds for each parameter type corresponding to the RPC interface based on the steps 1-1) to 1-3), and storing and establishing the seed database.

In the specific implementation, the step 2) specifically includes: analyzing the code of the blockchain network involving the RPC interface, finding the network data receiving code about the RPC interface, and changing the network data receiving code to obtain it from a local fuzz tester, wherein, for the blockchain network, each node deploys a fuzz tester as the local fuzz tester.

In the specific implementation, the better solution is to use the compilation tool provided by the fuzz tester to compile the network data receiving code to generate an instrumented blockchain program, so that the instrumented blockchain program supports test coverage monitoring and covers all the RPC interface calls provided by the blockchain network as much as possible, and guide the fuzz tester to call all the RPC interfaces.

In specific implementation, a preferred solution is that the change of the network data receiving code of the RPC interface follows the following logic:

Obtain fuzz testing data from the local fuzz tester;

Randomly select one of the RPC interfaces and its parameter types;

Convert the fuzzy test data into a parameter type corresponding to the RPC interface;

The RPC underlying method is called to process the parameter type and then transmitted through the selected RPC interface.

In specific implementation, the step 3) specifically includes:

3-1) Deploy a fuzzy test manager for the blockchain network, wherein the fuzzy test manager includes a node management module, a node monitoring module and a test reporting module;

3-2) The node management module controls multiple nodes to perform fuzz testing, wherein: for each of the nodes, the seed database and the inserted blockchain program are used as inputs of the local fuzz tester;

3-3) The node monitoring module monitors the operation status of each node, wherein: if the test coverage of all nodes does not increase within a specified time, the test is stopped;

3-4) The test report module collects the fuzzy test information of each node and generates a test report.

In specific implementation, a better solution is that in step 3-2), the selected multiple nodes are deployed to different network areas, wherein the network areas refer to areas where different servers of Alibaba Cloud are located.

In a specific implementation, a preferred solution is that the node management module randomly selects one of the nodes to stop or start the operation at a set interval.

In specific implementation, a preferred solution is that the test report includes the IP information of each node, crash information, test cases that caused the crash, and test coverage statistics.

The advantages of the present invention are:

The present invention generates high-quality seeds according to the RPC interface, modifies the fuzzy test data to be obtained from the local fuzz tester, and deploys a fuzzy test manager to implement an optimized test strategy for the blockchain network, thereby effectively achieving a more comprehensive test of the blockchain network, improving the test coverage for the blockchain network, and having high test efficiency, fast response, and strong practicality.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a flowchart of an implementation method of the present invention for performing fuzzy testing on a blockchain network.

Figure 2 is a schematic diagram of a blockchain network deployment fuzz testing manager.

Detailed ways

The blockchain network is a popular mature network. The blockchain network is actually a collection of a group of decentralized network nodes, which are composed of different participants. These participants jointly maintain a ledger database, which records all historical transactions. The blockchain network uses some distributed consensus algorithms and cryptography technologies, making it extremely difficult for these ledger data to be arbitrarily changed by a participant, so it is considered to be a decentralized distributed database. A distributed system is a loosely coupled system composed of multiple processors interconnected by communication lines.

For blockchain networks, the present invention proposes a fuzz testing method. The fuzz testing referred to here is a method for discovering software vulnerabilities by providing unexpected inputs to the target system and monitoring abnormal results.

As shown in FIG1 , specifically, the method for performing fuzzy testing on a blockchain network of the present invention comprises the following steps:

1) Generate high-quality seeds for fuzz testing according to the parameter types transmitted by the RPC interface, where the high-quality seeds are used to represent test seeds that support the parameter types transmitted by the RPC interface.

In order to improve the test coverage, the generated high-quality seeds should support as many parameter types as possible transmitted by each RPC interface of the blockchain network, including the following steps:

1-1) Sort out all types corresponding to the transmission parameters of each RPC interface involved in the blockchain network and define the parameter type set P;

For example, taking Ethereum as an example, its parameter type set P is defined as: (account{string:address,string:privateKey},transaction{string:address,BN:gas,string:gasPrice,string:nonce...},BN,array, boolen, string, contract_data)

Among them, account represents the data structure that conforms to the Ethereum account type, transaction represents the data structure that conforms to the Ethereum transaction type, BN represents the large number type, array represents the array type, boolen represents the Boolean type, string represents the string type, and contract_data represents the smart contract data type.

1-2) Generate seed data for different parameter types of parameter type set P;

For example, for the account data structure, use the web3.eth.accounts.create well-known method to generate it. For the transaction data structure, it represents a composite type, and its subtypes are composed of other types. For example, for Ethereum transaction, its subtypes are composed of string and BN. First, generate the seed data of the subtype, and then combine to generate the seed data of the transaction data structure. For the BN type, use the random method of the large data type library to generate it. For the string type, which is a basic type, use the random function library to generate it. For the contract_data type, it represents the smart contract data type. You can first download the smart contract ABI data set from the Internet, and then use the data set and generalize it according to the ABI specification to generate a large amount of seed data.

1-3) Sort out the parameter types corresponding to each RPC interface;

In actual implementation, each RPC interface and its corresponding parameter type can be organized according to the following pseudo code description:

{

"rpc_methods":[

{

"name": "defaultAccount",

"params": []

},{

"name": "getBlock",

"params":["BN"]

},{

"name": "sendTransaction",

"params":["transaction"]

},{

"name": "submitWork",

"params":["string", "string", "string"]

}

...

]

}

Among them, "name" indicates the name of the RPC interface, and "params" indicates the parameter type corresponding to the RPC interface.

1-4) Generate high-quality seeds for randomly selected RPC interfaces and establish a seed database for fuzz testing;

In actual implementation, it specifically includes: randomly selecting an RPC interface, based on the above 1-1) to 1-3), generating seeds as high-quality seeds for each parameter type corresponding to this RPC interface, storing and establishing a seed database.

For example, you can generate high-quality seeds and establish a seed database according to the following pseudo code description:

seeds_count = N

seeds = []

while N != 0:

#Randomly select an RPC interface

rpc_name, rpc_param_types = random_select_rpc()

#Generate seeds for each parameter type of the RPC interface

seed = generate_seed(rpc_name, rpc_param_types)

#Store seeds

seeds.push(seed)

N = N - 1

#Write the seed into a file and save it. Create a seed database

write_seeds_to_files(seeds)

2) Change the way each RPC interface obtains data, that is, change the way each RPC interface obtains data from the network to obtaining data from the local fuzz tester, thereby greatly improving the test efficiency.

The process of the change is: analyze the code of the RPC interface involved in the blockchain network, find the network data receiving code about the RPC interface (that is, the code used by the RPC interface to receive network data), and change the network data receiving code to obtain it from the local fuzz tester. For each node in the blockchain network (Figure 2 shows the situation where the blockchain network is designed with N nodes), a fuzz tester will be deployed on each node, recorded as a local fuzz tester. Different from obtaining data from the network, the local fuzz tester is designed to obtain data from the fuzz tester deployed on this node (such as obtaining data from memory) for the RPC interface, thereby increasing the test speed.

Specifically, the network data receiving code is compiled using the compilation tool provided by the fuzz tester to generate an instrumented blockchain program. The instrumented blockchain program here supports test coverage (more precisely, fuzz test code coverage) monitoring, and in order to improve the test coverage, all RPC interface calls provided by the blockchain network should be covered as much as possible to guide the fuzz tester to call all RPC interfaces. The changes to the network data receiving code of the RPC interface follow the logic described in the following pseudo code:

while true:

#Get fuzz test data from the local fuzz tester (the fuzz test data here refers to the byte array data generated by the fuzz tester itself. This data can be generated randomly or using a mutation algorithm, which is a common practice of fuzz test engines)

bytes[] input = get_inputs_from_fuzzer()

#Randomly select an RPC interface and its parameter type

rpc_name, rpc_param_types = random_select_rpc()

#Convert the fuzzy test data into the parameter type corresponding to the RPC interface

rpc_params = parse_params(input, rpc_param_types)

#Call the existing RPC underlying method for processing (after processing such as parameter verification, call the lower-level blockchain internal processing function for related processing) and enter the parameter type through the selected RPC interface transmission

invoke(rpc_name, rpc_params)

3) Use the high-quality seeds to perform fuzz testing on the blockchain network.

The fuzz testing process specifically includes:

3-1) Deploy a fuzz test manager for the blockchain network, where the fuzz test manager includes a node management module, a node monitoring module, and a test report module;

3-2) The node management module controls multiple nodes to perform fuzz testing, where: for each node, the seed database and the instrumented blockchain program are used as inputs of the local fuzz tester;

3-3) The node monitoring module monitors the operation of each node, where: if the test coverage of all nodes does not increase within the specified time, the test is stopped;

3-4) The test report module collects the fuzzy test information of each node and generates a test report.

Specifically, in the present invention, the blockchain network is provided with a fuzzy test manager for managing and monitoring each node and generating a test report. As shown in Figure 2, the fuzzy test manager includes a node management module, a node monitoring module and a test report module, wherein:

The node management module is mainly used to deploy, start and stop nodes, as well as manage the local fuzz testers deployed on the nodes.

An example of how the node management module performs fuzz testing:

run_fuzzer-i [seed folder] [instrumented blockchain program]

Among them, run_fuzzer-i is used to start the plugged-in blockchain program of the i-th node, and continuously generate new fuzz test data based on the high-quality seeds in the seed folder and transmit it into the plugged-in blockchain program.

The preferred solution is that the multiple nodes selected above should be deployed to different network areas. The real blockchain network (public network) is generally any node in the world, and the data synchronization between each node will have a delay characteristic, so the blockchain network will have code to handle such data synchronization delay. In order to pursue higher test coverage, the real environment should be simulated as much as possible. Therefore, the network area here can be the area where different servers of Alibaba Cloud are located, so as to simulate the real blockchain network situation. For example, the network areas of Alibaba Cloud servers in Hong Kong, Mumbai, Central China, and North China. In this way, when data is synchronized between nodes, due to factors such as network delays between various network areas, data transmission will be terminated/interrupted or the network will be temporarily unreachable due to network factors, so that the data synchronization module of the blockchain network itself triggers the node synchronization data error handling code logic, thereby improving the test coverage.

In addition, in order to ensure that the error handling logic during node data synchronization can be tested and further improve the test coverage, the node management module should randomly select a node to stop or start at a set time interval (such as several minutes).

The node monitoring module is used to obtain the fuzz testing status of the entire blockchain network. Furthermore, in order to ensure that the test can converge to stop the test, the node monitoring module should periodically collect the test coverage of each node, so that the fuzz testing can be stopped when the test coverage of all monitored nodes does not increase within the specified time, avoiding unlimited testing.

The test report module is used to collect the data generated by each node in the test to generate a test report. The test report includes the IP information of each node, crash information, test cases that caused the crash, test coverage statistics, etc.

In this invention, RPC (abbreviation of Remote Procedure Call) is a set of protocols and interfaces for clients to interact with blockchain networks. Users can query blockchain-related information (such as blocks, block heights, node connections, etc.) and send transactions through the RPC interface.

In the present invention, the p2p layer (abbreviation of Peer-to-peer networking, peer-to-peer network) is a network layer in the blockchain that transmits/synchronizes data (such as block synchronization, transaction synchronization, etc.) with adjacent nodes in a peer-to-peer manner.

The present invention generates high-quality seeds according to the RPC interface, modifies the fuzzy test data to be obtained from the local fuzz tester, and deploys a fuzzy test manager to implement an optimized test strategy for the blockchain network, thereby effectively achieving a more comprehensive test of the blockchain network, improving the test coverage for the blockchain network, and having high test efficiency, fast response, and strong practicality.

The above are preferred embodiments of the present invention and the technical principles used therein. For those skilled in the art, any obvious changes such as equivalent transformations, simple replacements, etc. based on the technical solution of the present invention, without departing from the spirit and scope of the present invention, are within the scope of protection of the present invention.

Claims (5)

1. A method for fuzz testing a blockchain network, comprising the steps of: 1) Generate a high-quality seed for fuzz testing according to the parameter type transmitted by the RPC interface, wherein the high-quality seed is used to represent a test seed supporting the parameter type transmitted by the RPC interface; 2) Change the way each RPC interface obtains data; 3) Using the high-quality seeds to conduct fuzz testing on the blockchain network; in: The step 2) includes: analyzing the code of the blockchain network related to the RPC interface, finding the network data receiving code about the RPC interface, and changing the network data receiving code to be obtained from a local fuzz tester, wherein, for the blockchain network, each node deploys a fuzz tester as the local fuzz tester; The step 3) comprises: 3-1) Deploy a fuzzy test manager for the blockchain network, wherein the fuzzy test manager includes a node management module, a node monitoring module and a test reporting module; 3-2) The node management module controls multiple nodes to perform fuzz testing, wherein: for each of the nodes, the seed database and the inserted blockchain program are used as inputs of the local fuzz tester; the inserted blockchain program of the node is started, and new fuzz test data is continuously generated based on the high-quality seeds in the seed folder and input into the inserted blockchain program; 3-3) The node monitoring module monitors the operation status of each node, wherein: if the test coverage of all nodes does not increase within a specified time, the test is stopped; 3-4) The test report module collects the fuzzy test information of each node and generates a test report; In step 3-2), the selected multiple nodes are deployed to different network areas, wherein the network areas refer to areas where different servers of Alibaba Cloud are located; Compile the network data receiving code using the compilation tool provided by the fuzz tester to generate an instrumented blockchain program, so that the instrumented blockchain program supports test coverage monitoring and covers all the RPC interface calls provided by the blockchain network, and guides the fuzz tester to call all the RPC interfaces; The node management module randomly selects one of the nodes to stop or start at a set interval. 2. The method for performing fuzz testing on a blockchain network according to claim 1, wherein step 1) comprises: 1-1) Arrange all types corresponding to the RPC interface transmission parameters involved in the blockchain network and define a parameter type set P; 1-2) Generate seed data for different parameter types of the parameter type set P respectively; 1-3) Arrange the parameter types corresponding to each of the RPC interfaces; 1-4) Generate high-quality seeds for the randomly selected RPC interface and establish a seed database for fuzz testing. 3. The method for fuzz testing a blockchain network as described in claim 2 is characterized in that the step 1-4) includes: randomly selecting one of the RPC interfaces, based on the steps 1-1) to 1-3), generating seeds as high-quality seeds for each parameter type corresponding to the RPC interface, storing and establishing the seed database. 4. The method for fuzz testing a blockchain network according to claim 1, wherein the change of the network data receiving code of the RPC interface follows the following logic: Obtain fuzz testing data from the local fuzz tester; Randomly select one of the RPC interfaces and its parameter types; Convert the fuzzy test data into a parameter type corresponding to the RPC interface; The RPC underlying method is called to process the parameter type and then transmitted through the selected RPC interface. 5. The method for performing fuzz testing on a blockchain network as described in claim 1, characterized in that the test report includes IP information, crash information, test cases that cause crashes, and test coverage statistics of each of the nodes.