chore: remove Rust dependency — tool is pure Python

RTOSploit · RTOSploit · commit d079ac620cb2 · 2026-03-26T05:48:49.000+05:30
- Remove Rust lint and test jobs from CI (were failing)
- Remove maturin from dev dependencies
- Remove Rust fuzzer section from installation docs
- Simplify Dockerfile to single-stage Python install
- Update architecture docs to reflect QEMU + Unicorn (no Rust)
- Fix license classifier in pyproject.toml (Apache-2.0)
- Add pytest-timeout to dev dependencies

The Rust crates (rtosploit-fuzzer, rtosploit-svd, rtosploit-payloads)
remain in the repo but are not built, tested, or required. The Python
Unicorn fuzzer at 700+ exec/sec replaced the Rust fuzzer.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -7,30 +7,6 @@ on:
     branches: [main]
 
 jobs:
-  lint-rust:
-    name: Rust Lint
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: dtolnay/rust-toolchain@stable
-        with:
-          components: rustfmt, clippy
-      - name: Check formatting
-        run: cargo fmt --all -- --check
-      - name: Clippy
-        run: cargo clippy --workspace -- -D warnings
-
-  test-rust:
-    name: Rust Tests
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: dtolnay/rust-toolchain@stable
-      - name: Build workspace
-        run: cargo build --workspace
-      - name: Test workspace
-        run: cargo test --workspace
-
   lint-python:
     name: Python Lint
     runs-on: ubuntu-latest
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -29,14 +29,11 @@ pytest tests/unit/test_cve.py -v          # CVE correlation
 pytest tests/unit/test_coverage_viz.py -v # Coverage viz
 pytest tests/unit/test_ci_pipeline.py -v  # CI pipeline
 
-# Rust tests
-cargo test --workspace
 ```
 
 ## Code Style
 
-- Python: follow PEP 8, use type hints, `from __future__ import annotations`
-- Rust: use `cargo fmt` and `cargo clippy`
+- Follow PEP 8, use type hints, `from __future__ import annotations`
 - Keep imports sorted (stdlib, third-party, local)
 
 ## Adding Vulnerability Scanner Modules
diff --git a/Dockerfile b/Dockerfile
@@ -1,35 +1,7 @@
-# ── Stage 1: Builder ─────────────────────────────────────────────
-FROM ubuntu:24.04 AS builder
-
-ENV DEBIAN_FRONTEND=noninteractive
-ENV PATH="/root/.cargo/bin:$PATH"
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    python3.12 \
-    python3.12-dev \
-    python3-pip \
-    build-essential \
-    curl \
-    pkg-config \
-    && rm -rf /var/lib/apt/lists/*
-
-# Install Rust toolchain
-RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable
-
-WORKDIR /rtosploit
-COPY . .
-
-# Build Python package
-RUN pip3 install --break-system-packages -e .
-
-# Build Rust crates (release)
-RUN cargo build --release
-
-# ── Stage 2: Runtime ────────────────────────────────────────────
 FROM ubuntu:24.04
 
 LABEL description="RTOSploit — RTOS Exploitation & Bare-Metal Fuzzing Framework"
-LABEL version="2.5.1"
+LABEL version="2.6.0"
 
 ENV DEBIAN_FRONTEND=noninteractive
 
@@ -42,22 +14,10 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /rtosploit
+COPY . .
 
-# Copy Python site-packages (installed dependencies + rtosploit egg-link)
-COPY --from=builder /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
-COPY --from=builder /usr/local/lib/python3.12/dist-packages /usr/local/lib/python3.12/dist-packages
-COPY --from=builder /usr/local/bin/rtosploit /usr/local/bin/rtosploit
-
-# Copy Rust release binaries
-COPY --from=builder /rtosploit/target/release/svd-gen /usr/local/bin/svd-gen
-
-# Copy project source, configs, and bundled firmware
-COPY rtosploit/ ./rtosploit/
-COPY configs/ ./configs/
-COPY vulnrange/ ./vulnrange/
-COPY pyproject.toml ./
+RUN pip3 install --break-system-packages -e . unicorn
 
-# Expose GDB stub and serial/UART ports
 EXPOSE 1234 4444
 
 ENTRYPOINT ["rtosploit"]
diff --git a/docs/architecture.md b/docs/architecture.md
@@ -1,6 +1,6 @@
 # Architecture
 
-RTOSploit is organized as a layered Python package with an optional native Rust component for performance-critical fuzzing. The system is designed around three entry points — interactive mode, CLI subcommands, and a programmatic Python API — all sharing the same core analysis and emulation engine.
+RTOSploit is a Python package with two emulation engines (QEMU for interactive debugging, Unicorn for high-speed fuzzing). The system is designed around three entry points — interactive mode, CLI subcommands, and a programmatic Python API — all sharing the same core analysis and emulation engine.
 
 ---
 
@@ -182,7 +182,7 @@ sequenceDiagram
     ci->>qemu: QEMUInstance.start(firmware, machine)
     qemu-->>ci: QEMU process running
 
-    ci->>fuzzer: launch rtosploit-fuzzer (or simulation)
+    ci->>fuzzer: launch FuzzEngine (QEMU or Unicorn)
     fuzzer-->>ci: crash JSON files + coverage bitmap
 
     ci->>qemu: QEMUInstance.stop()
@@ -298,7 +298,7 @@ flowchart TB
     subgraph Fuzzer["Fuzzing Layer"]
         harness["QEMU Harness\nqemu-system-arm -M mps2-an385"]
         bitmap["AFL Coverage Bitmap\n64KB shared memory"]
-        mutation["Mutation Engine\nrtosploit-fuzzer (Rust)\nor simulation mode"]
+        mutation["Mutation Engine\nUnicorn PIP or QEMU snapshot"]
         corpus["Corpus Manager\nseeds → interesting inputs"]
         crashes["Crash Collector\nJSON: registers, PC, fault addr"]
     end
diff --git a/docs/installation.md b/docs/installation.md
@@ -95,31 +95,15 @@ If you see a version below 9.0, RTOSploit will print an error and refuse to star
 
 ---
 
-## Native Rust Fuzzer (Optional)
+## Optional: Unicorn Engine
 
-Without the native fuzzer, RTOSploit runs in **simulation mode** — the dashboard and full pipeline work, but coverage is not driven by real mutation. Simulation mode is useful for:
-- Testing the pipeline and report generation
-- Demonstrating the interactive dashboard
-- CI dry-runs without fuzzing infrastructure
-
-To build the real fuzzer:
-
-### Prerequisites
-
-```bash
-# Install Rust toolchain
-curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
-source ~/.cargo/env
-```
-
-### Build
+For high-speed fuzzing of real hardware firmware (no QEMU machine required):
 
 ```bash
-cd rtosploit            # project root (contains Cargo.toml)
-cargo build --release -p rtosploit-fuzzer
+pip install unicorn
 ```
 
-The built binary is automatically detected when it is in `PATH` or in the Cargo output directory. RTOSploit checks for `rtosploit-fuzzer` at fuzz startup and falls back to simulation if not found.
+This enables the `--engine unicorn` option on `fuzz` and `rehost` commands, providing ~700 exec/sec with Peripheral Input Playback (PIP).
 
 ---
 
diff --git a/pyproject.toml b/pyproject.toml
@@ -16,7 +16,7 @@ keywords = ["security", "fuzzing", "embedded", "rtos"]
 classifiers = [
     "Development Status :: 3 - Alpha",
     "Intended Audience :: Information Technology",
-    "License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
+    "License :: OSI Approved :: Apache Software License",
     "Programming Language :: Python :: 3",
     "Programming Language :: Python :: 3.10",
     "Programming Language :: Python :: 3.11",
@@ -39,10 +39,9 @@ dependencies = [
 dev = [
     "pytest>=7.0",
     "pytest-cov",
+    "pytest-timeout",
     "mypy",
     "ruff",
-    "black",
-    "maturin>=1.0",
 ]
 
 [project.scripts]
@@ -56,16 +55,6 @@ Repository = "https://github.com/Indspl0it/RTOSploit"
 path = "VERSION"
 pattern = "(?P<version>.+)"
 
-# Maturin configuration for building optional Rust/PyO3 extensions.
-# The default build backend remains Hatchling (pure-Python). Use Maturin
-# when you need to compile the Rust native module (rtosploit._native):
-#   maturin develop --release
-[tool.maturin]
-features = ["pyo3/extension-module"]
-python-source = "."
-module-name = "rtosploit._native"
-manifest-path = "Cargo.toml"
-
 [tool.ruff]
 line-length = 100
 target-version = "py310"
diff --git a/tests/unit/test_docs.py b/tests/unit/test_docs.py
@@ -64,15 +64,6 @@ def test_package_version_importable(self):
     def test_package_exports_key_modules(self):
         pass
 
-    def test_cargo_toml_exists(self):
-        assert Path("Cargo.toml").exists()
-
-    def test_cargo_workspace_members(self):
-        content = Path("Cargo.toml").read_text()
-        assert "rtosploit-fuzzer" in content
-        assert "rtosploit-svd" in content
-        assert "rtosploit-payloads" in content
-
     def test_license_file_exists(self):
         assert Path("LICENSE").exists()
 
