Ethernaut Solutions: 1-Fallback

How to run: Deploy “Fallback” contract and copy the address Put this address as the value for Solution.fallbackContract state variable Deploy “Solution” contract along with 500 wei Run Solution.tellVictimBalance() – should return 0 wei Run Solution.tellAttackerBalance() – should return 500 wei Check the value of Fallback.owner – should show the address that deployed “Fallback” contract … Read more

Solidity Security Vulnerabilities: Floating Points and Numerical Precision

Solidity does not support floating point types and as such any such calculation needs to be simulated carefully with uint. This however can produce a vulnerability if not done right. Lets look at the contract FunWithNumbers from https://github.com/sigp/solidity-security-blog#15-floating-points-and-precision This line below is converting ETH to some token. The problem is in the division – if … Read more

Solidity Security Vulnerabilities: Denial Of Service (DOS)

These attacks can leave a contract inoperable either temporarily or permanently. There are many ways a contract can become inoperable; some are presented below: External function calls: An external function may maliciously use all gas when called, making a contract temporarily or even permanently inoperable. For example, the TrickleWallet at https://github.com/sigp/solidity-security-blog#the-vulnerability-10 issues a function call … Read more

Solidity Security Vulnerabilities: Unchecked Return Values

We can use .transfer() to send Ether which is considered safe as it reverts in case the transfer fails. We can also use .send() and .call() to transfer Ether but they only return a value of false if they fail. This creates a security vulnerability where an attacker can target a transaction that should have … Read more

Solidity Security Vulnerabilities: Short Address/Parameter Attack

Prior to Solidity v0.5.0, Smart Contracts suffered from vulnerability resulting from attacker using a shorter than required address as function parameter. The vulnerability resulted from EVM’s tendency to append zero’s at the end of calldata in case a parameter(in this case, an address) was shorter in length than it is by definition. Looking at example … Read more

Solidity Security Vulnerabilities: Entropy Illusion

There is no random() function in Solidity so the developers end up using other means of achieving randomness such as using hash of next block as a random value. If this source of entropy is not selected carefully, it can be used by an attacker to predict the next “random” value and exploit a contract.

Solidity Security Vulnerabilities: Default Visibility

Earlier version of solidity did not enforce defining visibility on functions. This created situations where an attacker would be able to call a function that he/she shouldn’t be. Recent Solidity versions enforce setting up visibility on every function so this vulnerability has been mitigated. However it is still important to review the visibility of all … Read more