...by Daniel Szego
"Simplicity is the ultimate sophistication."
Leonardo da Vinci

Saturday, January 7, 2017

Notes on testing a Bockchain application

Testing a Blockchain application is actually fundamentally different as testing a custom software solutions. The problem is that the domain of a usual Blockchain solution is usually in a domain that requires high privacy and security. Theoretically, the Blockchain technology itself provides a certain level of privacy and security, despite there have been already a lot of hacking both for the Bitcoin protocol and for systems like Ethereum as well (for instance the DAO). Consequently, testing a Blockchain application requires much more competence in the direction of system hacking or cryptography than traditional testing methodologies. Instead of classical tests, perhaps a better way to set up an explicate set of advisories as possible attacks and show that the system is immune for these attacks. Another point to consider, if it is possible to test a Blockhain platform itself from an application that is built on top. 
One way in this direction to formulate the problem from a quality management point of view and give an explicit set of rules that should be kept at the implementation in order the system to be secure. Example for such an initiative is the CryptoCurrency Security Standard (CCSS) for defining implementation rules for Bitcoin applications. 

Another way might be the direction of mathematical proofs if the program works as expected. One initiation is the formal verification from solidity.