Skip to content

Testing: Expand fuzzing for merkle proofs, XDR decoding, and webhook payloads #803

Description

@joelpeace48-cell

Context

Untrusted inputs (merkle proofs in register, XDR/event decoding, inbound webhook bodies) are prime
fuzz targets and likely under-fuzzed.

Scope

  • cargo-fuzz targets for proof verification and any custom decoding.
  • JS fuzzing for webhook/payload parsers and input validators.
  • Corpus + CI fuzz smoke run; longer scheduled fuzz job.

Acceptance criteria

  • Fuzz targets exist for each untrusted parser; CI runs a smoke fuzz; crashes block merge.

Verification

  • A seeded panic on malformed proof/payload is caught by the fuzzer.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions