Research Summary: Attacks on Smart Contracts

You could use upgradable contracts though - For reference: Writing Upgradeable Contracts - OpenZeppelin Docs

2 Likes

Discussion Summary.

  • We present an up-to-date survey of smart contract security issues and their mitigations. We achieve this by combining the top research on smart contract security with cutting-edge open-source knowledge and information.
  • We find that almost all of the most common attacks could be avoided or at least severely mitigated by following better coding practices. This includes general principles as well as specific design patterns against given attack types.
  • The most common smart contract attack types are explained on a technical level and suggested mitigations against each one are given.

Tags.
Smart contract, Blockchain, Utility, and Network- security.

Points of Disagreements.

  • Although I didn’t talk much about mitigating damages after an attack.

To view the full post: Research Summary: Attacks on Smart Contracts - #3 by ode

Unresolved question.

  • Is it worth it to target and attack smart contracts? Because I feel it’s a waste of time and tools

View the full post here: Research Summary: Attacks on Smart Contracts - #13 by Never_in_trenches

Points of consensus.

Ambiguity

  • I agree with you on the ambiguity of frontrunning, because, as you point out, arbitrage is required for a well-functioning financial system.

View the full post here: Research Summary: Attacks on Smart Contracts - #9 by windr

Offered Solutions

Building secure administrated contracts

View full post:Research Summary: Attacks on Smart Contracts - #4 by Ulysses

Identification of Consequences.

  • The programming language is very nascent, notwithstanding the number of dapps built with it. Every day, developers are still figuring out different parameters for smart contract applications. While that happens, hackers also keep up with the updates and look for loopholes they can exploit.

View the full post-here:Research Summary: Attacks on Smart Contracts - #15 by Harvesto

  • Because the Solidity Language performs functions differently/uniquely from traditional programming languages, it is prone to bugs/vulnerabilities. As a result of this distinction, there is a schism between how programmers interpret/iterate the language and how the language executes instructions.

View full post-here:Research Summary: Attacks on Smart Contracts - #17 by Harvesto

Questions.

Unexplored territory in the discussion.

Key resources.

3 Likes

This is really a great summary @ode
Want expanciate more on Reentarncy attacts as one of the attacks on smart contract, because it really caught my attension:

Reentrancy is considered to be one of the most catastrophic attack techniques in the smart contract . This attack technique is able to fully destroy the contract or steal valuable information. Reentrancy may occur when a function calls for another contract through an outer call. Listing 1 below presents a code snippet which can be exploited to execute
a Reentrancy attack. The exploitation allows an attacker to execute a recursive callback of the main function, making anunintended loop which is repeated many times. For instance, when a vulnerable contract contains a revoke function, the contract may call the revoke function illicitly numerous times in order to drain any available balance the contract comprises. Single function Reentrancy attacks and cross function Reentrancy attacks are two different types that can be exploited by the attackers. The exploitation allows the attacker to use external calls to execute the desired tasks.

This are the remedy to this attacks

/better coding practices
/ automated tools
/ technology changes)

6 Likes

@ode Very interesting Research topic.
From my findings as published by Zignaly https://www.quora.com/What-are-the-most-common-attacks-on-smart-contracts-and-how-can-they-be-mitigated , it was stated that most common attacks are:

1.Reentrancy Attacks: Reentrancy attacks are when malicious actors exploit a vulnerability in a smart contract’s code to repeatedly call a function, leading to an unintended loss of funds. Reentrancy attacks can be mitigated by using a “checks-effects-interactions” (CEI) pattern, which requires that all the checks are done before any effects are made and that no interactions with other contracts occur before all effects have been applied.

  1. Race Condition Attacks: Race condition attacks are when an attacker attempts to execute two or more transactions in quick succession, exploiting a vulnerability in the smart contract’s code. Race condition attacks can be mitigated by using atomic transactions, which ensures that all transactions in a group are either executed in full, or none at all.

  2. Front Running Attacks: Front running attacks are when an attacker takes advantage of the time between when a transaction is a broadcast and when it is mined into a block. Front-running attacks can be mitigated by using a mechanism such as an auction or lottery, which forces the attacker to wait until the completion of the auction or lottery before they can make their transaction.

There are obviously more types, for example, the Denial of Service (DoS), but the above-stated ones are usual.

Hope it helps!

6 Likes

@ode nice research topic .
want to chip in on ; INCORRECT CALCULATION OF THE OUTPUT TOKEN AMOUNT

Another smart contract weakness can be found in some modern DeFi smart contracts that deal with enormous amounts of money depicted in tokens or ETH value.

  • INCORRECT CALCULATION OF THE OUTPUT TOKEN AMOUNT

In such protocols, a lot of operations in contract logic are connected with tokens’ transfers to and from the contract. It creates a wide field for different mistakes connected to correct percentages, fees, and profits calculations.

The most common errors include the following:

incorrect decimals handling, especially when dealing with such a token as USDT;

incorrect order of operation during fees calculations, which leads to a significant accuracy loss;

the accuracy constant that was actually forgotten in the math operations.

All these errors lead to the loss of user funds or even tokens locked forever. Thus, one of the tasks of the contracts’ auditor is to check the correctness of the math operation. Such checks are also implemented in the most modern automated tools and static analyzers.

1 Like

SMART CONTRACT VULNERABILITIES FOUND BY BLAIZE

  • USING THE BLOCKHASH FUNCTION
    Using the blockhash function is a way of hacking smart contracts similar to the timestamp dependency. It is not recommended to use it for important components for the same reason as the timestamp dependency because miners can manipulate these functions and change the withdrawal of funds in their own favor. This is especially noticeable when the block hash is used as a source of randomness.

  • INCORRECTLY HANDLED EXCEPTIONS
    There are many situations where an exception can be thrown in Solidity, but the way these exceptions are handled is not always the same. Exception handling is based on interactions between contracts. Thus, contracts are vulnerable to attacks from malicious users, and if these exceptions are not handled properly, transactions will be rolled back.

  • INCORRECT WORK WITH ERC20 TOKEN
    There is a well-known OpenZeppelin implementation of the ERC-20 token that is overused in modern protocols. In most cases, it is completely applicable, and its functionality is enough for correct financial operations. Yet, there is a place for custom implementations of a token standard. Thus, it creates a place for discrepancies between the newly created token and actual ERC20 standard – small inconsistencies like missing return value in transfer() function.
    Even though such errors might be very small, they may lead to the non-functional method of the contract since it will not be able to recognize the interface. It is a tiny mistake, almost not noticeable during testing, but in production, it leads to stuck funds and blocked contracts.

2 Likes

Thank you for sharing the common attacks on smart contracts and the ways they can be mitigated. You are correct that reentrancy attacks, race condition attacks, and front running attacks are some of the most common types of attacks on smart contracts.

Reentrancy attacks can be mitigated by using the checks-effects-interactions (CEI) pattern, which ensures that all checks are performed before any effects are made and that no interactions with other contracts occur before all effects have been applied. Race condition attacks can be mitigated by using atomic transactions, which ensure that all transactions in a group are either executed in full or not at all. Front running attacks can be mitigated by using mechanisms such as auctions or lotteries, which force the attacker to wait until the completion of the auction or lottery before they can make their transaction.

It is also worth noting that denial of service (DoS) attacks, in which an attacker intentionally overloads a smart contract or network with requests in order to make it unavailable to legitimate users, can also be a concern. One way to mitigate DoS attacks is to use a decentralized network, such as Ethereum, which is less vulnerable to DoS attacks because it is spread across many nodes rather than relying on a single centralized server.

1 Like

Thank you for sharing this information about incorrect calculation of the output token amount as a weakness in some smart contracts. You are correct that this can be a concern, especially in protocols that deal with large amounts of money depicted in tokens or ETH value.

Errors such as incorrect handling of decimals, incorrect order of operations during fees calculations, and the use of an incorrect accuracy constant in math operations can all lead to the loss of user funds or even tokens being locked forever. These types of errors can be particularly concerning in decentralized finance (DeFi) protocols, where users rely on the accuracy of the smart contracts to manage their funds.

To mitigate these risks, it is important for smart contract developers to carefully test and audit their contracts for math errors, and for users to be aware of the potential risks and to use caution when interacting with untested or unaudited contracts. Automated tools and static analyzers can also help to identify potential math errors in smart contracts.

1 Like

Thank you for sharing these additional vulnerabilities in smart contracts.

Using the blockhash function can be risky because miners can manipulate it to change the outcome of transactions in their favor. This can be particularly concerning if the blockhash function is used as a source of randomness, as it could potentially be exploited by malicious actors.

Incorrectly handled exceptions can also be a weakness in smart contracts. If exceptions are not handled properly, transactions can be rolled back, which can leave contracts vulnerable to attacks from malicious users.

Incorrectly working with ERC20 tokens can also be a problem, as small inconsistencies such as missing return values in the transfer() function can lead to non-functional methods and stuck funds. It is important for smart contract developers to carefully test and audit their contracts to ensure that they are working correctly with ERC20 tokens and other standards.

1 Like