Runtime Whitebox Fuzzer Operations Funding
# Runtime Whitebox Fuzzer Operations Funding
**Requested amount:** 1,900 USDT
**Beneficiary:** `14DsLzVyTUTDMm2eP3czwPbH53KgqnQRp3CJJZS9GR7yxGDP`
**Proposer:** `Bryan Chen`
**Project repository:** [polkadot-fellows/runtime-whitebox-fuzzer](https://github.com/polkadot-fellows/runtime-whitebox-fuzzer)
**Period covered:** 2 months retroactive operation and 6 months forward operation
## Summary
This proposal requests **1,900 USDT** from the Polkadot Fellowship Treasury to cover only the operational costs of running and scaling the **Runtime Whitebox Fuzzer (RWF)**: dedicated server costs and the ChatGPT subscription plan used for AI-assisted analysis. It does not request funding for salary, development compensation, or other expenses.
RWF is an AI-assisted analysis runner for Polkadot SDK and runtime repositories. It was developed as part of the [Polkadot Security Working Group](https://github.com/polkadot-fellows/working-groups/blob/main/0001-wg-polkadot-security.md).
RWF has now stabilized and has demonstrated that it can discover real issues in Polkadot SDK pallets and runtime configuration. The forward operating budget is **100 USDT per month for a dedicated server** and **200 USDT per month for the ChatGPT subscription plan**, which covers AI usage for RWF analysis of Polkadot SDK, RWF analysis of Fellowship runtimes, and the AI review workflow of the Fellowship runtimes repository.
## Background
RWF currently analyzes [paritytech/polkadot-sdk](https://github.com/paritytech/polkadot-sdk) using AI-assisted whitebox analysis. It helps identify edge cases, broken invariants, incorrect assumptions, test gaps, and runtime configuration issues.
Until now, RWF has been developed and run on my own machine. There has been no server cost, and AI usage has been paid from my own ChatGPT subscription plan.
The next step is to run RWF on a dedicated server, increase concurrency, and extend regular analysis to [polkadot-fellows/runtimes](https://github.com/polkadot-fellows/runtimes).
## Prior Results
So far, RWF has produced **4 private reports**, **8 public reports**, and multiple minor findings, including incorrectly configured tests.
Public reports:
- [paritytech/polkadot-sdk#12188](https://github.com/paritytech/polkadot-sdk/issues/12188) - pallet-alliance: init_members allows overlapping Fellow and Ally roles
- [paritytech/polkadot-sdk#12189](https://github.com/paritytech/polkadot-sdk/issues/12189) - pallet-alliance: announcements can become unsorted and unremovable
- [paritytech/polkadot-sdk#12190](https://github.com/paritytech/polkadot-sdk/issues/12190) - pallet-child-bounties: parent curator award records caller as child curator
- [paritytech/polkadot-sdk#12191](https://github.com/paritytech/polkadot-sdk/issues/12191) - pallet-alliance: kick_member leaves stale RetiringMembers storage
- [paritytech/polkadot-sdk#12192](https://github.com/paritytech/polkadot-sdk/issues/12192) - pallet-child-bounties: unassign_curator leaves cumulative fees inflated
- [paritytech/polkadot-sdk#12193](https://github.com/paritytech/polkadot-sdk/issues/12193) - pallet-uniques: force_item_status changes owner without moving reserved deposits
- [paritytech/polkadot-sdk#12194](https://github.com/paritytech/polkadot-sdk/issues/12194) - pallet-nft-fractionalization: fractionalize accepts zero fractions
- [paritytech/polkadot-sdk#12221](https://github.com/paritytech/polkadot-sdk/issues/12221) - asset-hub-rococo: NonTransfer proxy allows ForeignAssets and PoolAssets transfers
## Budget
### Retroactive Operation
For the first two months, RWF was developed and run on my own machine. The only cost was ChatGPT subscription usage.
The ChatGPT subscription plan costs **200 USD per month**. A rough estimate is that RWF used around **25%** of the monthly usage during this period, equal to **50 USD per month**.
**Retroactive cost:** 2 months x 50 USDT = **100 USDT**
### Forward Operation
RWF is now ready to scale beyond local execution. The forward monthly operating cost is:
- Dedicated server: **100 USDT per month**
- ChatGPT subscription plan: **200 USDT per month**
The ChatGPT subscription budget covers AI usage for RWF analysis of Polkadot SDK, RWF analysis of Fellowship runtimes, and the AI review workflow of the Fellowship runtimes repository.
**Forward cost:** 6 months x 300 USDT = **1,800 USDT**
### Total Request
- Retroactive operation: **100 USDT**
- Six-month forward operation: **1,800 USDT**
- **Total: 1,900 USDT**
Welcome to Technical Fellowship Community!
Join Fellowship
3 Jun 2026