Runtime Whitebox Fuzzer Operations Funding

Requested amount: 1,900 USDT
Beneficiary: 14DsLzVyTUTDMm2eP3czwPbH53KgqnQRp3CJJZS9GR7yxGDP
Proposer: Bryan Chen
Project repository: polkadot-fellows/runtime-whitebox-fuzzer
Period covered: 2 months retroactive operation and 6 months forward operation

Summary

This proposal requests 1,900 USDT from the Polkadot Fellowship Treasury to cover only the operational costs of running and scaling the Runtime Whitebox Fuzzer (RWF): dedicated server costs and the ChatGPT subscription plan used for AI-assisted analysis. It does not request funding for salary, development compensation, or other expenses.

RWF is an AI-assisted analysis runner for Polkadot SDK and runtime repositories. It was developed as part of the Polkadot Security Working Group.

RWF has now stabilized and has demonstrated that it can discover real issues in Polkadot SDK pallets and runtime configuration. The forward operating budget is 100 USDT per month for a dedicated server and 200 USDT per month for the ChatGPT subscription plan, which covers AI usage for RWF analysis of Polkadot SDK, RWF analysis of Fellowship runtimes, and the AI review workflow of the Fellowship runtimes repository.

Background

RWF currently analyzes paritytech/polkadot-sdk using AI-assisted whitebox analysis. It helps identify edge cases, broken invariants, incorrect assumptions, test gaps, and runtime configuration issues.

Until now, RWF has been developed and run on my own machine. There has been no server cost, and AI usage has been paid from my own ChatGPT subscription plan.

The next step is to run RWF on a dedicated server, increase concurrency, and extend regular analysis to polkadot-fellows/runtimes.

Prior Results

So far, RWF has produced 4 private reports, 8 public reports, and multiple minor findings, including incorrectly configured tests.

Public reports:

• paritytech/polkadot-sdk#12188 - pallet-alliance: init_members allows overlapping Fellow and Ally roles
• paritytech/polkadot-sdk#12189 - pallet-alliance: announcements can become unsorted and unremovable
• paritytech/polkadot-sdk#12190 - pallet-child-bounties: parent curator award records caller as child curator
• paritytech/polkadot-sdk#12191 - pallet-alliance: kick_member leaves stale RetiringMembers storage
• paritytech/polkadot-sdk#12192 - pallet-child-bounties: unassign_curator leaves cumulative fees inflated
• paritytech/polkadot-sdk#12193 - pallet-uniques: force_item_status changes owner without moving reserved deposits
• paritytech/polkadot-sdk#12194 - pallet-nft-fractionalization: fractionalize accepts zero fractions
• paritytech/polkadot-sdk#12221 - asset-hub-rococo: NonTransfer proxy allows ForeignAssets and PoolAssets transfers

Budget

Retroactive Operation

For the first two months, RWF was developed and run on my own machine. The only cost was ChatGPT subscription usage.

The ChatGPT subscription plan costs 200 USD per month. A rough estimate is that RWF used around 25% of the monthly usage during this period, equal to 50 USD per month.

Retroactive cost: 2 months x 50 USDT = 100 USDT

Forward Operation

RWF is now ready to scale beyond local execution. The forward monthly operating cost is:

• Dedicated server: 100 USDT per month
• ChatGPT subscription plan: 200 USDT per month

The ChatGPT subscription budget covers AI usage for RWF analysis of Polkadot SDK, RWF analysis of Fellowship runtimes, and the AI review workflow of the Fellowship runtimes repository.

Forward cost: 6 months x 300 USDT = 1,800 USDT

Total Request

• Retroactive operation: 100 USDT
• Six-month forward operation: 1,800 USDT
• Total: 1,900 USDT