b3chain / Testing & Verification

Testing & Verification

Reproducible technical tests for every component of b3chain. This is the landing page for everything an independent reviewer needs to verify our claims: PoW reference code, multi-node regtest simulation, the structured Phase 11 self-audit, and a live 51% attack walkthrough.

Purpose: independent verification Environment: regtest only Languages: Python 3 + Bash + C++
Scope: Every script linked from this page runs on a local regtest environment so anyone can reproduce the results from a fresh checkout. Mainnet has not launched; the b3chain testnet is live for soak-testing only. No token, no airdrop. Parameters may change before any consensus freeze.

1. Reproducible tests #

Standalone scripts shipped in contrib/testing/. Run any of them on your own machine and diff the output against ours.

B3PoW-Scratch reference verifier

Standalone Python script: replays the B3PoW-Scratch v1.1.1 consensus vectors through the Python reference implementation and (optionally) verifies live blocks from a running node.
verify-b3pow.py PASS

B3PoW-Scratch consensus vectors

Canonical (header, prev_block_hash) → pow_hash pairs that pin the C++ port to the Python reference. Use them to validate any independent B3PoW-Scratch implementation.
b3pow_consensus_vectors.json PASS

Regtest network simulation

3-node regtest network mining a full 2016-block retarget period. Verifies block propagation, sync, mining, wallet sends, UTXO consistency.
regtest-simulation.sh PASS

Current test results

Summary of the latest C++ unit tests, Python functional tests, regtest simulation, and Phase 11 audit run.
summary UPDATED

Known limitations

Things this test corpus deliberately does not cover, and what an external auditor should still look at.
scope INFO

Reporting issues

How to file a bug, how to disclose a security finding privately, and what we'll respond to.
contact INFO

2. Phase 11 security audit #

A structured self-audit run before any mainnet launch. Each item below has a dedicated audit script and a result page with a tutorial, expected output, and how to reproduce. The full master checklist is doc/SECURITY-AUDIT.md.

Open the master checklist →

C-1..C-4 — Supply cap

Subsidy halves every 210 000 blocks; total supply caps at 20 999 999.97690000 B3C; subsidy is exactly 0 after halving 64.
audit-supply-cap.py PASS

H-1 — PoW / Block-ID isolation

Every PoW check uses GetPoWHash (B3PoW-Scratch v1.1.1); block IDs use GetHash (SHA-256d). Sub-checks H-1.1 verifier budget, H-1.2 LRU pad cache, H-1.3 HEADERS verification cap.
audit-b3pow-isolation.py PASS

N-1 — Network isolation

Bitcoin mainnet magic bytes are rejected; DNS seed list contains zero Bitcoin entries; mainnet vSeeds explicitly cleared.
audit-network-isolation.py PASS

W-1 — Address rejection

36 real Bitcoin addresses (P2PKH, P2SH, Bech32, Taproot) all rejected; xpub format isolated.
audit-address-rejection.py PASS

B-1 — BLAKE3 primitive determinism

SIMD BLAKE3 byte-identical to portable C reference across edge sizes and 1000-input fuzz. BLAKE3 is the inner round function of B3PoW-Scratch v1.1.1, so primitive determinism is a prerequisite for chain consensus.
audit-simd-blake3.py PASS

B-2 — Rebranding regression

Forbidden Bitcoin patterns absent from user-visible code. Caught and fixed leftover strings from the rebranding pass.
audit-rebranding.sh PASS

W-2 — HD wallet coin_type

BIP44 coin_type 9333 (mainnet) and 1 (testnet/regtest); descriptors differ from Bitcoin xpub derivations.
audit-hd-coin-type.py PASS

Live networks #

Beyond the local-only regtest scripts above, B3Chain also runs a permanent public testnet so anyone can soak-test against real network conditions (peer discovery, propagation latency, real difficulty retargeting) before mainnet launch.

Public testnet

Connect with b3chaind -chain=test, request free coins from faucet.b3chain.org, watch the chain on explorer.b3chain.org.
testnet-seed.b3chain.org LIVE

3. Attacks & defense #

Educational walkthroughs of how known PoW attacks work and what protects against them, with live regtest demonstrations.

A-1 — 51% attack (live demo)

End-to-end double-spend simulation: honest cluster vs attacker cluster, 6-confirmation reorg, Nakamoto math, cost calculator, defenses.
audit-51-attack-sim.py DEMO

4. Extended security evidence #

Three additional bodies of evidence layered on top of the Phase 11 self-audit: regression-testing what Bitcoin already proves, side-by-side measurements of BLAKE3 vs SHA-256, and a forward-looking improvement roadmap.

Bitcoin security inheritance

Bitcoin Core's full unit + functional suite, run unmodified on b3chain, classified into inherited / diverged-by-design / failing.
audit-bitcoin-inheritance.sh PENDING RUN

BLAKE3 vs SHA-256 comparison

Primitive throughput, block-validation wall time, length-extension demo, ASIC landscape, energy, attack surface, collision margin, and a B3PoW-Scratch vs SHA-256d PoW-level comparison.
contrib/testing/compare/ 8 PAGES

Security roadmap

Ten prioritised improvements: OSS-Fuzz, reproducible Guix builds, bench CI, external audit, bug bounty, PQC experiment, checkpoint ceremony, miner attestation, continuous 51%-attack monitoring (live), and M-14 operator-pinned recovery RPCs (live).
doc/SECURITY-ROADMAP.md 4 LIVE / 6 PROPOSED

Operator tools (M-14 + 51attack-watch)

The chain-recovery and 51%-attack-monitoring stack every b3chain seed operator runs. M-14 operator-pinned recovery RPCs (v1.1.3), the 51attack-watch.py monitoring daemon (v1.1.2), the 8-kind alert taxonomy, and the systemd deployment quick-start.
contrib/monitoring/51attack-watch.py LIVE

5. Run everything yourself #

Prerequisites

OS
Linux or WSL2 on Windows
Python
3.10 or later
blake3
pip3 install blake3
b3chaind
build with cmake (see build-unix.md)

One-shot

# Clone & build
git clone https://github.com/b3chain/b3chain.git
cd b3chain
mkdir build && cd build
cmake .. && cmake --build . -j$(nproc)
cd ..

# Reproducible tests
bash contrib/testing/regtest-simulation.sh
python3 contrib/testing/verify-b3pow.py

# Phase 11 self-audit (every check, incl. H-1.1/H-1.2/H-1.3 B3PoW sub-audits)
bash contrib/testing/audit/run-all.sh

Each script prints AUDIT RESULT: PASS or AUDIT RESULT: FAIL on its final line, and exits with the matching exit code.