Aa EOS is already leveraging WASM, do you know if they implement any hardening against these? I know they use wall clock measurements for some operations.
I mention in the talk that our fuzz tester, Guido Vranken, moved on to fuzzing WAVM (the wasm jit engine used in EOS) after v8. He earned some bounties (only some of them were related to WAVM) and several articles were written about it. I believe WAVM has some constants that can be set low enough to prevent JIT bombs, but I didn't follow the details so I'm not sure. Check out this commit, in particular the changes to WASMSerialization.cpp: https://github.com/EOSIO/eos/commit/af02ebba5d5797b6dcc2f06b...