Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment
0 likes67 views
The OWASP Foundation presentation discusses Ethereum smart contracts, detailing their definition, writing, and capabilities within the blockchain. It highlights common vulnerabilities, listed as the OWASP Smart Contract Top 10, which include issues like reentrancy attacks and integer overflow. The conclusion emphasizes that smart contract security is a complex problem influenced by programming issues, blockchain features, and platform characteristics.
![OWASP FOUNDATION owasp.org
How are Smart Contracts written?
Turing-complete programming language that can be used to
create “contracts” that can be used to encode arbitrary state
transition functions [...]. The code in Ethereum contracts is
written in a low-level, stack-based bytecode language, referred
to as “Ethereum virtual machine code” or “EVM code”. The code
consists of a series of bytes, where each byte represents an
operation
https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf](https://image.slidesharecdn.com/simoneonofri-owaspitalyday2023-11thseptpolimiv02-230926182203-a741e6c5/85/Attacking-Ethereum-Smart-Contracts-a-deep-dive-after-9-years-of-deployment-6-320.jpg)
![OWASP FOUNDATION owasp.org
What can be done with Smart Contracts?
systems which automatically move digital assets according to
arbitrary pre-specified rules. For example, one might have a
treasury contract of the form "A can withdraw up to X currency
units per day, B can withdraw up to Y per day, A and B together can
withdraw anything, and A can shut off B's ability to withdraw".
[…]
https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf](https://image.slidesharecdn.com/simoneonofri-owaspitalyday2023-11thseptpolimiv02-230926182203-a741e6c5/85/Attacking-Ethereum-Smart-Contracts-a-deep-dive-after-9-years-of-deployment-7-320.jpg)
![OWASP FOUNDATION owasp.org
What can be done with Smart Contracts?
[…]
The logical extension of this is decentralized autonomous
organizations (DAOs) - long-term smart contracts that contain
the assets and encode the bylaws of an entire organization
https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf](https://image.slidesharecdn.com/simoneonofri-owaspitalyday2023-11thseptpolimiv02-230926182203-a741e6c5/85/Attacking-Ethereum-Smart-Contracts-a-deep-dive-after-9-years-of-deployment-10-320.jpg)
![OWASP FOUNDATION owasp.org
Vulnerable Contract
0x6060604052361561008a576000357c0100000000000000000000000000000000000000000000000000000000900480
63095ea7b3146100b857806318160ddd146100ed57806323b872dd146101105780632e1a7d4d1461014e57806370a082
311461017a578063a9059cbb146101a6578063d0e30db0146101db578063dd62ed3e146101fe5761008a565b6100a25b
6000610098610887565b905061009f565b90565b6040518082815260200191505060405180910390f35b6100d7600480
803590602001909190803590602001909190505061061a565b6040518082815260200191505060405180910390f35b61
00fa6004805050610757565b6040518082815260200191505060405180910390f35b6101386004808035906020019091
9080359060200190919080359060200190919050506103df565b6040518082815260200191505060405180910390f35b
610164600480803590602001909190505061077b565b6040518082815260200191505060405180910390f35b61019060
04808035906020019091905050610233565b6040518082815260200191505060405180910390f35b6101c56004808035
906020019091908035906020019091905050610271565b6040518082815260200191505060405180910390f35b6101e8
6004805050610887565b6040518082815260200191505060405180910390f35b61021d60048080359060200190919080
359060200190919050506106ee565b6040518082815260200191505060405180910390f35b6000600060005060008373
ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060005054905061026c565b9190
50565b600081600060005060003373ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160
00206000505410156102af57610002565b6102e8600060005060008573ffffffffffffffffffffffffffffffffffffff
ff168152602001908152602001600020600050548361091f565b15156102f357610002565b81600060005060003373ff
ffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008282825054039250508[…]
https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179
Opcodes:
0x60: PUSH1 EVM opcode
0x60: The free memory pointer
0x60: PUSH1 EVM opcode
0x40: Memory position for the free memory pointer
MSTORE : EVM opcode is 0x52](https://image.slidesharecdn.com/simoneonofri-owaspitalyday2023-11thseptpolimiv02-230926182203-a741e6c5/85/Attacking-Ethereum-Smart-Contracts-a-deep-dive-after-9-years-of-deployment-20-320.jpg)
![OWASP FOUNDATION owasp.org
Increment uint8 (2^8-1) in Solidity
0+1=1
1+1=2
2+1=3
[…]
253+1=254
254+1= 255
255 + 1 = 0](https://image.slidesharecdn.com/simoneonofri-owaspitalyday2023-11thseptpolimiv02-230926182203-a741e6c5/85/Attacking-Ethereum-Smart-Contracts-a-deep-dive-after-9-years-of-deployment-30-320.jpg)
Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment
- 1. OWASP FOUNDATION ® Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment Simone Onofri OWASP Italy Day 2023 Politecnico of Milan - 11th September 2023
- 3. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
- 4. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
- 5. OWASP FOUNDATION owasp.org What are Smart Contracts? Are simply programs that runs on the Ethereum blockchain. It’s a collection of code (its functions) and data (its state) that resides at a specific address on the Ethereum blockchain. https://ethereum.org/en/developers/docs/smart-contracts/
- 6. OWASP FOUNDATION owasp.org How are Smart Contracts written? Turing-complete programming language that can be used to create “contracts” that can be used to encode arbitrary state transition functions [...]. The code in Ethereum contracts is written in a low-level, stack-based bytecode language, referred to as “Ethereum virtual machine code” or “EVM code”. The code consists of a series of bytes, where each byte represents an operation https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
- 7. OWASP FOUNDATION owasp.org What can be done with Smart Contracts? systems which automatically move digital assets according to arbitrary pre-specified rules. For example, one might have a treasury contract of the form "A can withdraw up to X currency units per day, B can withdraw up to Y per day, A and B together can withdraw anything, and A can shut off B's ability to withdraw". […] https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
- 10. OWASP FOUNDATION owasp.org What can be done with Smart Contracts? […] The logical extension of this is decentralized autonomous organizations (DAOs) - long-term smart contracts that contain the assets and encode the bylaws of an entire organization https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
- 13. OWASP FOUNDATION owasp.org Screenshot dell’attaccco
- 15. OWASP FOUNDATION owasp.org What are Blockchain characteristics and how do they impact security? ● Immutable: Transactions are irreversible, meaning they can’t be undone once an action has been taken. ● Public: Both contracts and transactions are publicly accessible through the blockchain. ● Deterministic: The execution of a smart contract must yield the same result on any node. ● Limited: Smart contracts cannot call upon external resources unless they use Oracles. ● Permissionless: Everyone can publish and interact with contracts.
- 16. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
- 17. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
- 18. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
- 20. OWASP FOUNDATION owasp.org Vulnerable Contract 0x6060604052361561008a576000357c0100000000000000000000000000000000000000000000000000000000900480 63095ea7b3146100b857806318160ddd146100ed57806323b872dd146101105780632e1a7d4d1461014e57806370a082 311461017a578063a9059cbb146101a6578063d0e30db0146101db578063dd62ed3e146101fe5761008a565b6100a25b 6000610098610887565b905061009f565b90565b6040518082815260200191505060405180910390f35b6100d7600480 803590602001909190803590602001909190505061061a565b6040518082815260200191505060405180910390f35b61 00fa6004805050610757565b6040518082815260200191505060405180910390f35b6101386004808035906020019091 9080359060200190919080359060200190919050506103df565b6040518082815260200191505060405180910390f35b 610164600480803590602001909190505061077b565b6040518082815260200191505060405180910390f35b61019060 04808035906020019091905050610233565b6040518082815260200191505060405180910390f35b6101c56004808035 906020019091908035906020019091905050610271565b6040518082815260200191505060405180910390f35b6101e8 6004805050610887565b6040518082815260200191505060405180910390f35b61021d60048080359060200190919080 359060200190919050506106ee565b6040518082815260200191505060405180910390f35b6000600060005060008373 ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060005054905061026c565b9190 50565b600081600060005060003373ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160 00206000505410156102af57610002565b6102e8600060005060008573ffffffffffffffffffffffffffffffffffffff ff168152602001908152602001600020600050548361091f565b15156102f357610002565b81600060005060003373ff ffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008282825054039250508[…] https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179 Opcodes: 0x60: PUSH1 EVM opcode 0x60: The free memory pointer 0x60: PUSH1 EVM opcode 0x40: Memory position for the free memory pointer MSTORE : EVM opcode is 0x52
- 22. OWASP FOUNDATION owasp.org Decompiled withdraw function https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179
- 23. OWASP FOUNDATION owasp.org Attacker Contract by Nikolai Mushegian Decompiled https://etherscan.io/address/0x4AfB544Eb87265cF7Fc8fdB843c81d34F7E2A369
- 24. OWASP FOUNDATION owasp.org Attack Proof of Concept
- 25. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
- 28. OWASP FOUNDATION owasp.org Vulnerable Contract
- 29. OWASP FOUNDATION owasp.org Integer Overflow and Underflow An integer overflow occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may wrap to become a very small or negative number. https://cwe.mitre.org/data/definitions/190.html
- 30. OWASP FOUNDATION owasp.org Increment uint8 (2^8-1) in Solidity 0+1=1 1+1=2 2+1=3 […] 253+1=254 254+1= 255 255 + 1 = 0
- 31. OWASP FOUNDATION owasp.org Attack Contract and PoC
- 32. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
- 33. OWASP FOUNDATION owasp.org Abritrage CTF Admin has gifted you 5e18 Btokens on your birthday. Using A,B,C,D,E token pairs on swap contracts, increase your BTokens. Interface to Uniswap v2 https://quillctf.super.site/challenges/quillctf-x-quickswap/arbitrage
- 34. OWASP FOUNDATION owasp.org Vulnerability Description Arbitrage arises when price discrepancies exist across different markets, trading pairs or Liquidity Pools for the same asset. However, trading fees, gas fees, and slippage must be considered. To evaluate arbitrage opportunities it is possible to evaluate the indirect and circular trade “paths”, starting from B and ending with B when the exchange rate is calculated from the quantity of different tokens present in each pool. B -> A -> C -> B B -> A -> D -> B B -> A -> E -> B B -> C -> A -> B B -> C -> D -> B B -> C -> E -> B B -> D -> A -> B B -> D -> C -> B B -> D -> E -> B B -> E -> A -> B B -> E -> C -> B B -> E -> D -> B https://docs.uniswap.org/contracts/v2/concepts/core-concepts/pools
- 35. OWASP FOUNDATION owasp.org Attack Contract and PoC
- 36. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
- 37. OWASP FOUNDATION owasp.org Conclusions Smart Contract security is a composite problem that can be derived from: • Programming issues (e.g., arithmetic vulnerabilities). • Features of the blockchain (e.g., access control, weak sources of randomness). • Feature of the Platform (e.g., reentrancy, time dependence, frontrunning). But the main point is to understand the Business Logic of the Smart Contract we’re auditing.
- 39. OWASP FOUNDATION owasp.org Thank you to our sponsors