Intercomponent interface fuzzing harness

[bennetyee]

Tracking epic issue for internal testability

Goals

We need to have code testing/fuzzing mechanisms in place before we can efficiently do security audits beyond code inspection.

Details

Implement fuzzing harness for interfaces between components. Build mocks for dependent interfaces of the component under test. Each test failure should turn into a unit test / regression test.

Linked Issues

• Consensus interface
• Storage interface
• EnclaveRPC interface
• Transaction scheduler interface
• Compute P2P interface
• Merge P2P interface
• Worker-host interface

[kostko]

Listing some interfaces that we should start fuzzing:

• Consensus transactions processed by the ABCI app.
  • Staking.
  • Registry.
  • Roothash.
• Storage gRPC protocol (exposed by storage nodes).
• EnclaveRPC (used to communicate between enclaves, e.g., key manager).
• Transaction scheduler gRPC protocol (exposed by transaction scheduler nodes for receiving transactions).
• Compute batch dispatch P2P protocol (exposed by compute nodes for receiving batches).
• Compute result dispatch P2P protocol (exposed by merge nodes for receiving results from compute committees).
• Worker-host protocol (used to communicate between the node and the SGX runtime).