Randomized Testing of Byzantine Fault Tolerant Algorithms

Byzantine fault-tolerant algorithms promise agreement on a correct value, even if subset of processes can deviate from the algorithm arbitrarily. While these provide strong guarantees in theory, practice, protocol bugs and implementation mistakes may still cause them to go wrong. This paper introduces ByzzFuzz, simple yet effective method for automatically finding errors implementations through randomized testing. ByzzFuzz detects fault-tolerance by injecting randomly generated network process faults into their executions. To navigate space possible faults, small-scope message mutations which mutate contents messages applying small changes original either value (e.g., incrementing round number) or time repeating proposal previous message). We find that mutations, combined with insights testing fuzzing literature, are at uncovering logic real-world systems. implemented applied it test production two popular blockchain systems, Tendermint Ripple, an seminal PBFT protocol. detected several PBFT, potential liveness violation Tendermint, materialized theoretically described vulnerabilities Ripple’s XRP Ledger Consensus Algorithm. Moreover, we discovered previously unknown bug is confirmed developers fixed.