1/ Part 2 of the compiler fuzzing series: 15+ miscompilations in production compilers -- Polkadot Revive, ZKsync, Solang, TON, Gno. Some earned bug bounties.
Every mutation is proven equivalence-preserving in Lean4, so any divergence is a real bug.
https://t.co/ypJokmhDLC
6/ Hand-writing doesn't scale. A bottom-up enumerator proposes candidates, a Python mirror of the semantics fingerprints them, and the Lean kernel decides which are real.
Result: 1600+ machine-checked mutations, stacked together.
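As an added illustration (not code from the thread or its authors), here is a toy version of the propose / fingerprint / decide loop described above. The 4-bit expression language, the sample inputs used for fingerprinting, and the decider are all my assumptions: an exhaustive check over every input at that width stands in for the Lean kernel, which is the real decider in the work the thread describes.

```python
"""Bottom-up enumerator -> fingerprint filter -> exact decider (toy model).

Constructed example: a small bitvector expression language over two
variables.  Candidates are proposed bottom-up, cheaply bucketed by a
fingerprint (their values on a handful of sample inputs), and each
candidate rewrite is then decided exactly.  Exhaustive checking over a
4-bit domain is the stand-in for a machine-checked Lean proof.
"""
from collections import defaultdict
from itertools import product

WIDTH = 4                      # assumption: 4-bit values keep exhaustive checks cheap
MASK = (1 << WIDTH) - 1
VARS = ("x", "y")

# Constructed sample inputs: enough to separate most expressions, but a
# matching fingerprint is only evidence, never proof.
SAMPLES = [(0, 0), (1, 0), (0, 1), (3, 5), (15, 1), (7, 7), (15, 15), (2, 9)]

BINOPS = {
    "+": lambda a, b: (a + b) & MASK,
    "-": lambda a, b: (a - b) & MASK,
    "&": lambda a, b: a & b,
    "|": lambda a, b: a | b,
    "^": lambda a, b: a ^ b,
}
UNOPS = {
    "~": lambda a: (~a) & MASK,
    "neg": lambda a: (-a) & MASK,
}


def evaluate(expr, env):
    """Python mirror of the semantics: leaves are variable names or constants,
    inner nodes are (op, arg) or (op, lhs, rhs) tuples."""
    if isinstance(expr, str):
        return env[expr]
    if isinstance(expr, int):
        return expr & MASK
    op, *args = expr
    if len(args) == 1:
        return UNOPS[op](evaluate(args[0], env))
    return BINOPS[op](evaluate(args[0], env), evaluate(args[1], env))


def fingerprint(expr):
    """Cheap equivalence-class key: the expression's outputs on SAMPLES."""
    return tuple(evaluate(expr, dict(zip(VARS, s))) for s in SAMPLES)


def enumerate_exprs(max_size):
    """Bottom-up enumeration: size-1 leaves first, then every way of
    combining smaller expressions, so the first member of a bucket is
    always the smallest form."""
    by_size = {1: list(VARS) + [0, 1]}
    for size in range(2, max_size + 1):
        exprs = [(op, sub) for op in UNOPS for sub in by_size[size - 1]]
        for left_size in range(1, size - 1):
            right_size = size - 1 - left_size
            for op in BINOPS:
                for lhs in by_size[left_size]:
                    for rhs in by_size[right_size]:
                        exprs.append((op, lhs, rhs))
        by_size[size] = exprs
    return [e for exprs in by_size.values() for e in exprs]


def is_equivalent(a, b):
    """Exact decider: exhaustive over the whole 4-bit domain.  This is the
    stand-in for the Lean kernel; at WIDTH bits it is a complete check."""
    for vals in product(range(MASK + 1), repeat=len(VARS)):
        env = dict(zip(VARS, vals))
        if evaluate(a, env) != evaluate(b, env):
            return False
    return True


def search(max_size):
    """Propose rewrites (smallest form -> larger form sharing a fingerprint),
    then split them into verified mutations and fingerprint collisions."""
    buckets = defaultdict(list)
    for e in enumerate_exprs(max_size):
        buckets[fingerprint(e)].append(e)
    candidates = [(bucket[0], alt) for bucket in buckets.values()
                  if len(bucket) > 1 for alt in bucket[1:]]
    verified = [(a, b) for a, b in candidates if is_equivalent(a, b)]
    rejected = [(a, b) for a, b in candidates if not is_equivalent(a, b)]
    return {"candidates": candidates, "verified": verified, "rejected": rejected}


if __name__ == "__main__":
    result = search(3)
    print(f"{len(result['candidates'])} candidates, "
          f"{len(result['verified'])} verified, "
          f"{len(result['rejected'])} fingerprint collisions")
    for canonical, alt in result["verified"][:5]:
        print(f"  {alt} == {canonical}")
```

Every pair in `verified` is a mutation that can be applied to a test program with the guarantee that a compiler producing different output for the mutant and the original is exhibiting a real bug, which is exactly the property the thread attributes to its Lean-checked mutation set; `rejected` shows why the fingerprint alone is not enough to promote a candidate.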
100+ compiler bugs found across 5 smart-contract compilers (Sui Move, Cairo, Solang, Solidity, Leo).
Coverage-guided fuzzing + tree-sitter + LLM-generated mutators. Not parser crashes: every bug is a real ICE (internal compiler error) triggered by a valid program.
https://t.co/gei746QL2c
6/ Corpus + dictionary: collect broadly, minimize aggressively. Triage: LLM-driven deduplication + minimal reproducible example (MRE) extraction.
Three open-source utilities published, plus the complete Sui Move fuzzing harness with 884 custom mutators.
Skry: security tool for Sui Move contracts.
Hybrid static analysis + constrained LLM usage.
Focused on access control, centralization, and governance issues.
Tested on real Sui projects.
Proof-of-concept source code is available.
https://t.co/DrJoWP9KkC