<aside> 📘 Relates:
Solidity layout and access of storage state variables simply explained
Solidity delegatecall usage and pitfalls
Understanding Smart Contract Vulnerabilities
</aside>
Discover different types of smart contract vulnerabilities, and ways to safeguard against them.
Smart contracts are a breakthrough technology that has the potential to transform the way we do business and transfer value. However, just like any new technology, there are risks and vulnerabilities that must be taken into consideration. These vulnerabilities can be exploited by hackers to steal funds or disrupt the regular functioning of the contract. As the usage of smart contracts continues to expand, it is important for developers, users, and project communities to be aware of potential risks and vulnerabilities.
Unfortunately, in 2022, there were over 300 incidents stemming from various attack vectors such as smart contract hacks, rug pulls, web-based attacks like DNS attacks, phishing attacks, and many others. These attacks resulted in over $4.37 billion in investor and user funds being stolen from blockchain projects. According to a report, the total amount of funds lost due to smart contract exploits was $215 million in 2020, approximately $1.3 billion in 2021, and over double that amount in 2022, reaching $2.7 billion. The increasing number of web3 attacks caused by smart contract vulnerabilities is a pressing issue that cannot be ignored.
To promote a better understanding of smart contract security, we would like to outline a few attack vectors and ways to mitigate them.
Integer overflow and underflow attacks are common and relatively simple to execute in a smart contract. These attacks focus on transactions that allow unauthorized data or values to be input.
In the Ethereum Virtual Machine, integer data types have a finite size limit. For example, a uint256 variable can only store numbers within the range of [0, 2256-1]. Attempting to store a value that exceeds the upper limit of this range would result in an overflow, and the output would be zero. Conversely, underflow occurs when a variable is initialized at zero and an arithmetic function attempts to modify it by subtracting 1. The result would become 2256, causing the variable to underflow.
If user input for Solidity variables is not properly validated and calculations are performed that exceed the range of the data type storing them, they can be vulnerable to exploitation. It is essential to ensure that data types are correctly managed, and input values are validated before performing calculations to avoid these attacks.
Smart contract front-running is a type of attack where a front-runner attempts to execute a transaction by offering a higher fee. Miners then prioritize the front-runner's transaction, preempting transactions that were already pending. All front-running attacks have a common feature: the victim is attempting to execute a function from a contract with a particular state, while the attacker is trying to invoke the same function but earlier than the victim.
NFT marketplaces are one of the most profitable areas for front-running attacks, as a malicious actor may attempt to preempt transaction execution to gain an advantage. The attacker can purchase digital assets at a lower price and sell them for a higher profit when they become more valuable in the market.
One way to mitigate user-originating front-running attacks is to include a logic in the contract that sets an upper limit on gas fees. This prevents users from increasing the gas fee above this maximum threshold and receiving preferred transaction ordering. By implementing this method, the likelihood of front-running attacks can be reduced to a greater extent.
A sandwich attack is a form of front-running that targets DeFi protocols and services. In this type of attack, a malicious actor searches for a pending transaction on a network like Ethereum. Sandwiching involves placing one order just before and one order shortly after the target trade. The attacker essentially performs both a front-run and a back-run simultaneously, with the victim's transaction in the middle.
The attacker places two orders at the same time as other pending transactions to manipulate asset values. They first buy the asset the victim is exchanging to, for example, using Binance Coin (BNB) to exchange to Ether (ETH), knowing that the price of ETH is rising. Then, in order to make the victim pay a higher price for ETH, the attacker buys it at a lower price. The attacker later sells ETH for a higher price, making a profit.
The amount of Ether given to the initial user is sandwiched by the attacker's two transactions. The following trade will be more expensive because the attacker was successful in filling the order at their intended price. This sequence of events inflates the price of ETH, allowing the attacker to make money by outsmarting the trader and artificially increasing the price.
To avoid being sandwiched, the simplest technique is to place a limit order. Users can specify their fill price instead of relying on standard market orders, which are susceptible to slippage.
Cryptographic signatures are crucial components for authenticating transactions on the blockchain. When a transaction is signed with the corresponding private key, the initiator is associated with the transaction, enabling the blockchain accounting system to function effectively.