feat(bip0032): add fuzz targets (#117)

koushiro · web-flow · commit eb3ef81899b0 · 2026-01-22T16:28:19.000+08:00
* feat(bip0032): add fuzz targets

* fix fmt
diff --git a/bip0032/AGENTS.md b/bip0032/AGENTS.md
@@ -8,6 +8,7 @@
 - `src/backend/` holds backend-specific secp256k1 implementations (k256, secp256k1, libsecp256k1).
 - Tests live in `src/tests.rs` (BIP-32 vectors and invalid key cases).
 - Benchmarks are a workspace member under `benchmarks/`, with bench targets in `benchmarks/*.rs` and `benchmarks/serialize/`.
+- Auxiliary tooling: `benchmarks/` for benches and `fuzz/` for fuzz targets.
 
 ## Build, Test, and Development Commands
 
@@ -16,6 +17,8 @@
 - `cargo test` runs unit tests for the enabled backend.
 - `cargo test --features secp256k1` or `cargo test --features k256ecdsa` runs tests against specific backends.
 - `just bench keygen` or `just benches` runs benchmarks (uses `benchmarks/` as the working dir); equivalent: `cargo bench --bench keygen -- --quiet` from `benchmarks/`.
+- `just fuzz <target> [runs]` runs fuzzing with nightly (`cargo +nightly fuzz`).
+- `just fuzz-clean` removes fuzz artifacts (`fuzz/artifacts`, `fuzz/corpus`).
 
 ## Coding Style & Naming Conventions
 
diff --git a/bip0032/Cargo.toml b/bip0032/Cargo.toml
@@ -1,5 +1,5 @@
 [workspace]
-members = ["benchmarks"]
+members = ["benchmarks", "fuzz"]
 resolver = "3"
 
 [workspace.package]
diff --git a/bip0032/fuzz/.gitignore b/bip0032/fuzz/.gitignore
@@ -0,0 +1,2 @@
+corpus
+artifacts
diff --git a/bip0032/fuzz/Cargo.toml b/bip0032/fuzz/Cargo.toml
@@ -0,0 +1,35 @@
+[package]
+name = "bip0032-fuzz"
+version = "0.0.0"
+authors = ["koushiro <koushiro.cqx@gmail.com>"]
+edition.workspace = true
+rust-version.workspace = true
+license.workspace = true
+publish = false
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+arbitrary = { version = "1", features = ["derive"] }
+bip0032 = { path = ".." }
+bs58 = "0.5"
+libfuzzer-sys = "0.4"
+
+[[bin]]
+name = "derive_path"
+path = "fuzz_targets/derive_path.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "parse_path"
+path = "fuzz_targets/parse_path.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "parse_xkey"
+path = "fuzz_targets/parse_xkey.rs"
+test = false
+doc = false
diff --git a/bip0032/fuzz/fuzz_targets/derive_path.rs b/bip0032/fuzz/fuzz_targets/derive_path.rs
@@ -0,0 +1,105 @@
+#![no_main]
+
+use arbitrary::Arbitrary;
+use bip0032::{
+    ChildNumber, DerivationPath, ExtendedKeyPayload, ExtendedPrivateKey, ExtendedPublicKey,
+    KnownVersion, backend::K256Backend,
+};
+use libfuzzer_sys::fuzz_target;
+
+#[derive(Debug, Arbitrary)]
+struct Input<'a> {
+    seed: &'a [u8],
+    path_bytes: &'a [u8],
+    max_seed_len: u8,
+    max_path_len: u8,
+}
+
+fn bounded_slice(bytes: &[u8], max_len: usize) -> &[u8] {
+    let len = bytes.len().min(max_len);
+    &bytes[..len]
+}
+
+fn build_path(bytes: &[u8], max_children: usize) -> (DerivationPath, bool) {
+    let mut children = Vec::new();
+    let mut has_hardened = false;
+
+    for chunk in bytes.chunks(5).take(max_children) {
+        if chunk.len() < 5 {
+            break;
+        }
+        let mut index_bytes = [0u8; 4];
+        index_bytes.copy_from_slice(&chunk[..4]);
+        let mut index = u32::from_le_bytes(index_bytes);
+        index &= 0x7FFF_FFFF;
+        let hardened = (chunk[4] & 1) == 1;
+
+        if let Ok(child) = ChildNumber::new(index, hardened) {
+            has_hardened |= hardened;
+            children.push(child);
+        }
+    }
+
+    (DerivationPath::from(children), has_hardened)
+}
+
+fn roundtrip_xprv(key: &ExtendedPrivateKey<K256Backend>) -> String {
+    let encoded = key.encode_with(KnownVersion::Xprv.version()).unwrap().to_string();
+    let payload = encoded.parse::<ExtendedKeyPayload>().unwrap();
+    let decoded = ExtendedPrivateKey::<K256Backend>::try_from(payload).unwrap();
+    let encoded2 = decoded.encode_with(KnownVersion::Xprv.version()).unwrap().to_string();
+    assert_eq!(encoded2, encoded);
+    encoded
+}
+
+fn roundtrip_xpub(key: &ExtendedPublicKey<K256Backend>) -> String {
+    let encoded = key.encode_with(KnownVersion::Xpub.version()).unwrap().to_string();
+    let payload = encoded.parse::<ExtendedKeyPayload>().unwrap();
+    let decoded = ExtendedPublicKey::<K256Backend>::try_from(payload).unwrap();
+    let encoded2 = decoded.encode_with(KnownVersion::Xpub.version()).unwrap().to_string();
+    assert_eq!(encoded2, encoded);
+    encoded
+}
+
+fuzz_target!(|input: Input<'_>| {
+    let seed_len = (input.max_seed_len as usize).min(64);
+    let seed = bounded_slice(input.seed, seed_len);
+
+    let max_children = (input.max_path_len as usize).min(32);
+    let (path, has_hardened) = build_path(input.path_bytes, max_children);
+
+    let master = match ExtendedPrivateKey::<K256Backend>::new(seed) {
+        Ok(master) => master,
+        Err(_) => return,
+    };
+
+    let derived = match master.derive_path(&path) {
+        Ok(derived) => derived,
+        Err(_) => {
+            if !has_hardened {
+                let _ = master.public_key().derive_path(&path);
+            }
+            return;
+        },
+    };
+
+    let xprv = roundtrip_xprv(&derived);
+    let xpub = roundtrip_xpub(&derived.public_key());
+
+    let path_str = path.to_string();
+    let parsed_path = path_str.parse::<DerivationPath>().unwrap();
+    assert_eq!(parsed_path.to_string(), path_str);
+
+    if !has_hardened {
+        let derived_pub = master.public_key().derive_path(&path).unwrap();
+        let xpub_from_pub = roundtrip_xpub(&derived_pub);
+        assert_eq!(xpub_from_pub, xpub);
+    } else {
+        assert!(master.public_key().derive_path(&path).is_err());
+    }
+
+    let xprv_payload = xprv.parse::<ExtendedKeyPayload>().unwrap();
+    assert!(xprv_payload.version().is_private());
+    let xpub_payload = xpub.parse::<ExtendedKeyPayload>().unwrap();
+    assert!(xpub_payload.version().is_public());
+});
diff --git a/bip0032/fuzz/fuzz_targets/parse_path.rs b/bip0032/fuzz/fuzz_targets/parse_path.rs
@@ -0,0 +1,105 @@
+#![no_main]
+
+use arbitrary::Arbitrary;
+use bip0032::{ChildNumber, DerivationPath};
+use libfuzzer_sys::fuzz_target;
+
+#[derive(Debug, Arbitrary)]
+struct Input<'a> {
+    path_bytes: &'a [u8],
+    mutate_bytes: &'a [u8],
+    max_children: u8,
+    mutate: bool,
+    mutate_ops: u8,
+}
+
+fn build_path(bytes: &[u8], max_children: usize) -> DerivationPath {
+    let mut children = Vec::new();
+
+    for chunk in bytes.chunks(5).take(max_children) {
+        if chunk.len() < 5 {
+            break;
+        }
+        let mut index_bytes = [0u8; 4];
+        index_bytes.copy_from_slice(&chunk[..4]);
+        let mut index = u32::from_le_bytes(index_bytes);
+        index &= 0x7FFF_FFFF;
+        let hardened = (chunk[4] & 1) == 1;
+
+        if let Ok(child) = ChildNumber::new(index, hardened) {
+            children.push(child);
+        }
+    }
+
+    DerivationPath::from(children)
+}
+
+fn mutate_path(s: String, bytes: &[u8], ops: usize) -> String {
+    if bytes.is_empty() || ops == 0 {
+        return s;
+    }
+
+    let alphabet = b"m/0123456789'hH";
+    let mut buf = s.into_bytes();
+    let len = bytes.len();
+
+    for i in 0..ops {
+        let b = bytes[i % len];
+        let action = b % 3;
+        let pos = if buf.is_empty() { 0 } else { (bytes[(i + 1) % len] as usize) % buf.len() };
+        let ch = alphabet[(bytes[(i + 2) % len] as usize) % alphabet.len()];
+
+        match action {
+            0 => {
+                let insert_pos = if buf.is_empty() { 0 } else { pos.min(buf.len()) };
+                buf.insert(insert_pos, ch);
+            },
+            1 => {
+                if !buf.is_empty() {
+                    buf[pos] = ch;
+                }
+            },
+            _ => {
+                if !buf.is_empty() {
+                    buf.remove(pos);
+                }
+            },
+        }
+    }
+
+    String::from_utf8_lossy(&buf).into_owned()
+}
+
+fn assert_child_bounds(path: &DerivationPath) {
+    for child in path.children() {
+        assert!(child.index() < (1u32 << 31));
+    }
+}
+
+fuzz_target!(|input: Input<'_>| {
+    let max_children = (input.max_children as usize).min(32);
+    let path = build_path(input.path_bytes, max_children);
+
+    let canonical = path.to_string();
+    let parsed = canonical.parse::<DerivationPath>().unwrap();
+    assert_eq!(parsed.to_string(), canonical);
+    assert_child_bounds(&parsed);
+
+    for child in parsed.children() {
+        let text = child.to_string();
+        let parsed_child = text.parse::<ChildNumber>().unwrap();
+        assert_eq!(parsed_child.index(), child.index());
+        assert_eq!(parsed_child.is_hardened(), child.is_hardened());
+    }
+
+    if input.mutate {
+        let ops = (input.mutate_ops as usize).min(8);
+        let mutated = mutate_path(canonical, input.mutate_bytes, ops);
+        if let Ok(parsed_mut) = mutated.parse::<DerivationPath>() {
+            assert_child_bounds(&parsed_mut);
+            let normalized = parsed_mut.to_string();
+            let parsed_again = normalized.parse::<DerivationPath>().unwrap();
+            assert_eq!(parsed_again.to_string(), normalized);
+        }
+    }
+});
diff --git a/bip0032/fuzz/fuzz_targets/parse_xkey.rs b/bip0032/fuzz/fuzz_targets/parse_xkey.rs
diff --git a/bip0039/justfile b/bip0039/justfile
diff --git a/justfile b/justfile
