Antonio Viggiano: Teach Me How To Fuzz

E20

|

24/12/2023

|

01:13:16

About

Antonio, a security researcher, discusses his focus on fuzzing and invariant tests, key tools for testing in the blockchain space and his experiences with the yAcademy ZK Fellowship.

Summary

In this podcast, Antonio, a security researcher specializing in automated fuzz testing and invariant testing, explores script-editing, fuzz testing, and invariants. He shares experiences with security testing tools like Echidna, Foundry, and Medusa, highlighting their role in ensuring code robustness over the long term.

Antonio suggests starting with Foundry for its simplicity and transitioning to Echidna as project protocol understanding grows. He introduces 'Fuzzy,' his project aimed at making fuzz testing more accessible to protocols, emphasizing the importance of learning about invariants and system behavior before delving into fuzz testing.

The conversation touches on Formal Verification and its relationship with fuzz testing. Antonio explains that while formal verification offers higher assurance, fuzz testing is a preferred starting point due to its efficiency, especially for developers who may find formal verification more time-consuming.

Antonio reflects on his experience with the yAcademy ZK Fellowship and his belief in the potential of zero-knowledge proofs (ZK). He recommends entering the fellowship program with prior knowledge for maximum benefit, given its intensive nature.

In the final segment, Antonio outlines his current work, collaborating with protocols on security, preparing them for audits, and streamlining the process by eliminating low-hanging fruits before audits are initiated, ultimately saving time and resources.

discord