peterborah / smart-contract-security-examples Goto Github PK
View Code? Open in Web Editor NEWSome example patterns for building fault-tolerant Ethereum smart contracts
License: Apache License 2.0
smart-contract-security-examples's People
Contributors
Stargazers
Watchers
Forkers
isghe veox ethers digideskio robin-- jakub-wojciechowski cryptobuks yosoyubik gnvsoftware foundingnimo sriharikapu sihoang bubble501 preetam007 shobeirimajidsmart-contract-security-examples's Issues
Bounty doesn't pay out correctly
(Pointed out by @redsquirrel.)
function claimBounty(BrokenToken target) {
if (owners[target] != 0 && target.totalSupply() > target.balance) {
totalBounty = 0;
claimed = true;
if(!owners[target].send(totalBounty)) throw;
}
}
The totalBounty is zeroed, but then used in the .send(), meaning the bounty will pay out zero.
Possible drain vector in TokenWithInvariants.sol?
I think 7d7ef27 might have introduced an attack vector. Also not sure what is meant by "griefing" in that commit.
As I understand, the contract demonstrates how recursive calls to withdraw() and fraudulent calls to deposit(...) would be stopped by a balance check and a throw. I assume it's thought that this.balance >= totalSupply is an acceptable state. It could happen, say, if someone sent more ether than the number of tokens they claim with deposit(amount). Then anyone could withraw the excess, but not so much that the function modifier checkInvariants() would fail.
However, if it was possible to force the contract into thinking that totalSupply has reduced without a reduction in this.balance, then it would be possible to subsequently withdraw the excess without triggering the modifier.
Just learning Solidity ATM, so can't provide actual working exploit code - sorry about that. Consider this two-stage attack:
First, recursively call withdraw() from contract A that has a balance in TWI as balanceOf[A]. Proceed as in the known race-to-empty attack, but at the bottom call, return the stolen ether, and transfer owned tokens to B. (The latter is similar to what TheDAO exploit did.)
After this execution, this.balance of TWI won't have changed, totalSupply will be reduced, and token balance will be transferred from A to B. (Faux stack in next comment.)
Second, execute a "classic" race-to-empty from contract B, up to the same number of times as in the first case. (No faux stack.)
This allows for the withdrawal of up to half of the ether in TWI, and rendering it useless due to totalSupply being reduced to zero. That is, half the tokens are used to extact the ether, and half are burned.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.