We keep finding bugs via fuzz tests, mostly thanks to @apoelstra running local tests. We should do this more on a crate level. Maybe (almost) every function has one or many fuzz tests associated with it?
We should also explore new ways how we use fuzz tests. Currently we mostly look for crashes. Alternatively, functions could have pre and post conditions, similar to the C code, that we fuzz against. The fuzzer produces an input, we filter for inputs that satisfy the pre condition, and we check if the post condition is fulfilled.
We keep finding bugs via fuzz tests, mostly thanks to @apoelstra running local tests. We should do this more on a crate level. Maybe (almost) every function has one or many fuzz tests associated with it?
We should also explore new ways how we use fuzz tests. Currently we mostly look for crashes. Alternatively, functions could have pre and post conditions, similar to the C code, that we fuzz against. The fuzzer produces an input, we filter for inputs that satisfy the pre condition, and we check if the post condition is fulfilled.