Patrick Ventuzelo

Beaconfuzz - A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery

Abstract

This talk is about our journey and step-by-step process into fuzzing Ethereum 2.0 implementation software. We will start with a brief introduction to the Ethereum 2.0 specification and ecosystem. Then, we will explain the architecture of this type of software and the kinds of bugs we were looking for (DoS, logic/consensus bugs). We will also detail the complexity behind fuzzing 5 different under-development implementations written in 5 different languages (Rust, Go, Java, Nim, JS) by 5 different teams. Finally, we will go chronologically through all the different fuzzing frameworks and techniques (dumb, coverage-guided, differential, structural) we used and why we chose them in the first place. In the end, this project led us to find more than 30 critical bugs across all implementations.

BIO

Patrick is a French senior security researcher specialized in fuzzing, vulnerability research and reverse engineering. He is the founder of Fuzzinglabs and spends his days doing research and giving training around Rust, Go, WebAssembly and blockchain security. Over time, he has found hundreds of bugs and presented his work at various security conferences around the globe, including REcon, RingZer0, ToorCon, hack.lu, NorthSec, FIRST, Microsoft DCC, etc.