Smart contract vulnerabilities

[sydhds]

Intro

A list of smart contract vuln is available here.
While targeting Ethereum & Solidity SC, it's a good opportunity to check if this can apply to Massa as well.

Vulnerabilities

Forcibly Sending Ether to a Contract

• url : https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/forcibly-sending-ether.md
• Vulnerabilities kind: [Wrong SC developer assumption]
• Mitigation: dev guide?

Insufficient Gas Griefing

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/insufficient-gas-griefing.md
• Vulnerabilities kind: [Insufficient check (remaining gas)]
• Mitigation: dev guide?

Reentrancy

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/reentrancy.md
• Vulnerabilities kind: [Wrong SC developer code]
• Mitigation: dev guide?

Integer Overflow and Underflow

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/overflow-underflow.md
• Vulnerabilities kind:
• Mitigation: Provide a SafeMath lib by default in AS?
• Additional resources: SafeMath impl

Timestamp Dependence

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/timestamp-dependence.md
• Vulnerabilities kind: [Random] / [Wrong SC developer assumption]
• Mitigation: dev guide
  • What should we do for this functions?
    • crypto
    • Math.random

Authorization Through tx.origin

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/authorization-txorigin.md
• Vulnerabilities kind: ??
• Mitigation: Not sure if this applied to Massa SC?

Floating Pragma

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/floating-pragma.md
• Vulnerabilities: [Compiler version]
• Mitigation: Add a similar mechanism to prevent SC compilation if version does not match?
  • [Investigation] can we access the AS compiler version in code?

Function Default Visibility

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/function-default-visibility.md
• Vulnerabilities: [Wrong SC developer code]
• Mitigation: dev guide + tool to list exported functions

Outdated Compiler Version

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/outdated-compiler-version.md
• Vulnerabilities kind: [Compiler version]
• Mitigation: dev guide + explore Solidity compiler bugs
  • From bugs in solidity, add corresponding unit tests/fixes
  • Use the latest AssemblyScript compiler if it fixes some bugs, for now we are really late

Unchecked Call Return Value

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unchecked-call-return-value.md
• Vulnerabilities kind: [Wrong SC developer code]
• Mitigation: Not sure if this applied to Massa SC?

Unprotected Ether Withdrawal

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unprotected-ether-withdrawal.md
• Vulnerabilities kind: [Wrong SC developer code]
• Mitigation: dev guide?

Unprotected Selfdestruct Instruction

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unprotected-selfdestruct.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC (no selfdestruct functionnality)

State Variable Default Visibility

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/state-variable-default-visibility.md
• Vulnerabilities kind: []
• Mitigation: Does not apply to Massa SC (no variable visibility) but as wasm can be decompiled we could warn and tell devs to not put secrets/keys in variables. Alternative way for dev if it needs to do that?
  • Check Unencrypted Secrets section

TODO: add internal link to section

Uninitialized Storage Pointer

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/uninitialized-storage-pointer.md
• Vulnerabilities kind: [Unitialized variables]
• Mitigation: ?
  • [Investigation] Can we declare initialized var in AS?

Assert Violation

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/assert-violation.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC (no require). Should we add this to dev guide: do not use assert in prod)?

Use of Deprecated Functions

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/use-of-deprecated-functions.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC yet (no deprecated functions for now)

Delegatecall to Untrusted Callee

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/delegatecall-untrusted-callee.md
• Vulnerabilities kind: ??
• Mitigation: Not sure if this applied to Massa SC?

Signature Malleability

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/signature-malleability.md
• Vulnerabilities kind: [Wrong assumption about signatures]
• Mitigation: dev guide

Incorrect Constructor Name

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/incorrect-constructor.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC

Shadowing State Variables

url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/shadowing-state-variables.md
Vulnerabilities kind:
Mitigation: dev guide
* [Investigation] can we have warnings for variable shadowing from AS compiler?

Weak Sources of Randomness from Chain Attributes

• url: Weak Sources of Randomness from Chain Attributes
• Vulnerabilities kind: [Randomn]
• Mitigation: ??
  [Investigation]:
  • https://ethereum.stackexchange.com/questions/191/how-can-i-securely-generate-a-random-number-in-my-smart-contract
  • https://docs.chain.link/vrf/v2/introduction

Missing Protection against Signature Replay Attacks

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/missing-protection-signature-replay.md
• Vulnerabilities kind: [Signature assumption]
• Mitigation: dev guide?

Requirement Violation

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/requirement-violation.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC (no require function)

Write to Arbitrary Storage Location

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/arbitrary-storage-location.md
• Vulnerabilities kind:
• Mitigation: ??
  • [Investigation] repro from here

Incorrect Inheritance Order

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/incorrect-inheritance-order.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC

Arbitrary Jump with Function Type Variable

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/arbitrary-jump-function-type.md
• Vulnerabilities kind: ??
• Mitigation:
  • [Investigation] function types support in AS? Can do the same thing with inline WASM instruction

Presence of Unused Variables

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unused-variables.md
• Vulnerabilities kind: [Good practices]
• Mitigation:
  • [Investigation] turn on warnings for this for AS compiler?

Unexpected Ether Balance

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unexpected-ether-balance.md
• Vulnerabilities kind: [Wrong dev assumption]
• Mitigation: dev guide

Unencrypted Secrets

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unencrypted-secrets.md
• Vulnerabilities kind: [Secrets in code]
• Mitigation: dev guide
  • [Investigation] write a correct guessing game (to show alternatives)

Faulty Contract Detection

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/faulty-contract-detection.md
• Vulnerabilities kind:
• Mitigation: Does not apply to Massa SC?

Unclogged Blockchain Reliance

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unclogged-blockchain-reliance.md
• Vulnerabilities kind: [Random]
• Mitigation:

TODO: internal link to other randomness issue

Inadherence to Standards

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/inadherence-to-standards.md
• Vulnerabilities kind: [Standard partially implemented]
• Mitigation: None?

Unprotected Callback

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unprotected-callback.md
• Vulnerabilities kind: ??
• Mitigation:
  • [Investigation] TODO

Asserting EOA from Code Size

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/asserting-eoa-from-code-size.md
• Vulnerabilities kind: [Wrong dev assumption]
• Mitigation: dev guide?
  • [Investigation] should we provide an ABI call (e.g. is_eoa(address: Address)) for that?

Transaction-Ordering Dependence

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/transaction-ordering-dependence.md
• Vulnerabilities kind: [Wrong dev assumption]
• Mitigation: dev guide
  • [Investigation] implement commit-reveal scheme as an example in dev guide?

DoS with Block Gas Limit

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/dos-gas-limit.md
• Vulnerabilities kind: [Wrong dev assumption]
• Mitigation: dev guide

DoS with (Unexpected) revert

• url: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/dos-revert.md
• Vulnerabilities kind: [Wrong dev assumption]
• Mitigation: dev guide

Vulnerabilities (Specific to Massa)

Metering counters manipulation

[Investigation] Would it be possible for a SC to manipulate metering counters (as they are injected as global variables)

[damip]

Some more for Massa:

• faking assemblyscript / with bindgen serialization headers from the guest to pretend we're sending a 4 gigabyte buffer, thus causing memory overload on host preallocation
• are there any known attacks on the wasmer compilers themselves ? eg. zip bombs, infinite loop unrolling, small wasm files with recursive macros that expand infinitely on compilation etc...