Affiliation:
1. Delft University of Technology, Netherlands
2. Vrije Universiteit Amsterdam, Netherlands
Abstract
Byzantine fault-tolerant algorithms promise agreement on a correct value, even if a subset of processes can deviate from the algorithm arbitrarily. While these algorithms provide strong guarantees in theory, in practice, protocol bugs and implementation mistakes may still cause them to go wrong. This paper introduces ByzzFuzz, a simple yet effective method for automatically finding errors in implementations of Byzantine fault-tolerant algorithms through randomized testing. ByzzFuzz detects fault-tolerance bugs by injecting randomly generated network and process faults into their executions. To navigate the space of possible process faults, ByzzFuzz introduces small-scope message mutations which mutate the contents of the protocol messages by applying small changes to the original message either in value (e.g., by incrementing the round number) or in time (e.g., by repeating a proposal value from a previous message). We find that small-scope mutations, combined with insights from the testing and fuzzing literature, are effective at uncovering protocol logic and implementation bugs in real-world fault-tolerant systems. We implemented ByzzFuzz and applied it to test the production implementations of two popular blockchain systems, Tendermint and Ripple, and an implementation of the seminal PBFT protocol. ByzzFuzz detected several bugs in the implementation of PBFT, a potential liveness violation in Tendermint, and materialized two theoretically described vulnerabilities in Ripple’s XRP Ledger Consensus Algorithm. Moreover, we discovered a previously unknown fault-tolerance bug in the production implementation of Ripple, which is confirmed by the developers and fixed.
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality, Software
Cited by
4 articles.
1. Phoenix: Detect and Locate Resilience Issues in Blockchain via Context-Sensitive Chaos;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15
2. Liveness Checking of the HotStuff Protocol Family;2023 IEEE 28th Pacific Rim International Symposium on Dependable Computing (PRDC);2023-10-24
3. A Fault‐tolerant model for tuple space coordination in distributed environments;Concurrency and Computation: Practice and Experience;2023-08-07
4. Randomized Testing of Byzantine Fault Tolerant Algorithms;Proceedings of the ACM on Programming Languages;2023-04-06