Online Courses
Blockchain Security
Online Courses
Blockchain Security
  • Blockchain Security
  • Fundamentals of Blockchain Security
    • Introduction to blockchain
    • The promises of blockchain
    • Inside the blockchain hype
    • Blockchain structures
    • What is public-key cryptography?
      • How does public-key cryptography work?
      • Public-key cryptography in the blockchain
    • Security assumptions of public-key cryptography
      • Quantum computing
    • Hash function in blockchain
      • Properties of hash functions
      • Hash functions in the blockchain
      • Blockchain security hash key functions
    • Quiz
  • Consensus Algorithm Security
    • Introduction
      • The Byzantine generals problem
      • Security via scarcity
      • Common blockchain consensus algorithms
      • The longest chain rule
    • Proof of work
      • Inside PoW mining
    • Attacking proof of work
      • The 51% attack
      • Denial of service: Artificial difficulty increases
    • Proof of stake
      • Choosing the block creator
    • Attacking PoS consensus
      • XX% attack and the PoS "timebomb"
      • Fake stake attacks
      • Long-range attack
      • Nothing at stake problem
      • Sour milk attack
    • Quiz
  • Blockchain in Action
    • Nodes and network
      • Inside the node
      • How blocks are created
    • Attacking block creation
      • Denial-of-service
      • Frontrunning
      • Selfish mining
      • SPV mining
    • Attacking blockchain nodes
      • Blockchain software misconfiguration
      • Denial of service
      • Malicious transactions
    • Attacking the blockchain network
      • Eclipse attack
      • Routing attack
      • Sybil attack
    • Quiz
  • Smart Contract Security
    • What are smart contracts?
      • Smart contracts
    • General programming vulnerabilities
      • Arithmetic vulnerabilities
      • Right-to-left control character
    • Blockchain vulnerabilities
    • Ethereum vulnerabilities
    • Quiz
  • Beyond the Basics
    • Alternative distributed ledger architectures
      • Introduction to DAGs
      • Introduction to block lattices
      • Introduction to sidechains
    • Second-level blockchain protocols
      • How a state channel works
    • Advanced cryptography in blockchain
      • Multisignatures
      • Zero-knowledge proofs
      • Stealth addresses
      • Ring signatures
      • Commitment schemes
    • Quiz
  • Cumulative Quiz
Powered by GitBook
On this page
  • Denial of Service
  • Reentrancy
  • Short addresses
  • Unchecked return values
  1. Smart Contract Security

Ethereum vulnerabilities

Ethereum is the oldest smart contract platform. Many smart contracts built on it. More opportunity to identify vulnerabilities

An ethereum-specific vulnerabilities have been identified and exploited:

  • Denial of Service

  • Reentrancy

  • Short addresses

  • Unchecked return values

Denial of Service

function selectNextWinners(uint256 _largestWinner){
    for (uint256 i = 0; i < largestWinner; i++){
        // heavy code
    }
    largestWinner = _largestWinner;
}

Ethereum uses the concept of gas to protect against spam and other attacks. Every smart contract instruction requires gas to run, if a transaction runs out of gas before it completes, the entire execution is undone

Ethereum blocks have a set maximum gas value. Vulnerable smart contracts can be rendered completely unrunnable

Reentrancy

Ethereum smart contracts are commonly designed to send value between accounts

If an Ethereum smart contract is sent value, it is given the opportunity to run some code. Enables it to update its internal ledger, take action, etc.

Reentrancy vulnerabilities can exist if the receiving contract calls the sending contract. The sending contract may not have updated its internal state prior to sending value

The logic behind the code in fallback functions is good, however they can be vulnerable to exploitation

function withdraw(uint _amount) {
    require(balances[msg.sender] >= amount);
    msg.sender.call.values(_amount)();
    balances[msg.sender] -= _amount;
}

Logically the code makes sense, however the flow leaves it open to vulnerability

An attacker exploiting the reentrancy calls the withdrawal function multiple times before transactions are recorded

Short addresses

Ethereum right-pads function arguments if they are too short

This can create a vulnerability if a smart contract inconsistently specifies argument lengths.

  • E.g., address (fixed length) versus uint (set maximum length)

event Transfer(address _from, address indexed _to, uint256 _value);
function sendCoin(address to, uint amount) returns(bool sufficient) {
    if (balances[msg.sender] < amount) return false;
    balances[msg.sender] -= amount;
    balances[to] += amount;
    Transfer(msg.sender, to, amount);
    return true;   
}

Unchecked return values

Ethereum's low-level functions have inconsistent behavior when an error occurs, some throw an exception, some return false.

A failure to check function return values can leave a function vulnerable

function withdraw(uint _amount) public{
    require(balances[msg.sender] >= _amount);
    balances[msg.sender] -= _amount;
    etherLeft -= _amount;
    msg.sender.send(_amount);
}
PreviousBlockchain vulnerabilitiesNextQuiz

Last updated 10 months ago