Smart contracts and Security Risks
Smart Contracts – The foundation of Blockchain
Smart contracts are self-executing contracts when predetermined terms and conditions written into the code are met. Nick Szabo, an American computer scientist and a legal scholar first proposed the idea of smart contracts in 1994.
According to Szabo, a smart contract is a protocol that executes the terms of a contract and can also help in transferring digital assets when the conditions are satisfied.
Smart contracts are built on distributed ledger technology (DLT). Smart contracts resides on the application layer of the Blockchain.
Key Features of Smart Contracts
Distributed and Decentralized: Smart contracts are distributed network nodes. They serve as backbone for decentralized borrowing, lending platforms eliminating the need for intermediaries. Decentralization helps to avoid single points of failure.
Immutable: Once the blockchain is deployed, the smart contract cannot be changed or deleted. This establishes the principal of non-repudiation and maintains integrity of transactions.
Transparent: The code and transactions of smart contracts are public and visible on a blockchain which provides transparency. The contracts are available to verify the terms and conditions in it.
Trustless: Smart contracts can function without the need for intermediaries like banks to enforce agreements, which reduces costs and enables faster transactions.
Secure: All transactions are highly secured and tamper-resistant.
Attack Vectors on Smart Contracts and Mitigation Strategies:
Smart contracts are vulnerable to various types of vulnerabilities and attacks.
1. Re-entrancy Attacks
Re-entrancy is one of the most catastrophic attacks in smart contracts. This attack exploits the vulnerability in a smart contract when a function makes an external call to another contract before updating its own state. This executes recursive callback of the main function, which results in unintended loop, allowing the attacker to make recursive calls and drain funds or manipulate state. There are single function re-entrancy and cross-function re-entrancy attacks. An attacker can possibly drain all the funds from a contract.
Mitigation Strategies:
- Use of re-entrancy guards prevents a function from being called again before its first invocation is complete.
- Set gas limits and loops to prevent infinite loops and manage computation costs.
- To prevent inconsistencies, ensure the contact’s state is updated before transfers occur. This will add a layer of security even if an external call is hijacked.
- Minimize external calls in critical functions.
- Verify the smart contract by employing mathematical proofs to confirm the contract execution aligns with the intended logic.
- Implementing pull payment strategy, which allows users to withdraw funds themselves, rather than a contract pushing payments automatically.
- The most crucial of all is to conduct periodic audits to test and verify the smart contracts. These audits can identify potential vulnerabilities and reduce the risk of exploitation.
2. Smart Contract Overflow and Underflow Attack:
This vulnerability is initiated when transactions accept unauthorized input data or value, resulting in unexpected behaviour. This type of attack is used to manipulate balances or quantities.
Mitigation Strategies:
- SafeMath library can be used to perform arithmetic operations and avoid integer underflow and overflow vulnerabilities.
- Comprehensive data validation and verification.
- Bounds checking is another strategy to verify the input values are in acceptable range.
- Solidity 8.0 and later versions have inbuilt checks for overflow/underflow security issues.
3. Gas Limit Vulnerabilities
Every operation on blockchain platforms are performed by smart contracts that consumes a certain amount of gas, which is a computational value. Block gas limit is the maximum amount of gas that can be used in a single block. Functions that are susceptible to gas limit issues become inexecutable, resulting in locked funds or frozen contract state. When the number of iterations are not fixed, these types of vulnerability can cause loops and increase the number of iterations.
Mitigation Strategies:
- When loops are used, the developers should pay attention to the actions occurring within the loop to make sure the transaction does not consume excessive gas and does not go over the gas limit.
4. Denial of Service (DoS) Attacks:
A DoS attack on smart contract attempts to prevent processing legitimate transactions by overloading it with requests or large transaction volumes. Attackers can create transactions that requires excessive gas or issue multiple transactions that consume the gas limit, which prevents other transactions to be processed which is known as Block Stuffing. These attacks exploit the smart contract logic by triggering infinite loops.
Mitigation Strategies:
- Code written to limit and optimize gas.
- Limit access to functions within the contract.
- Limit loop iterations.
- Audit the smart contract code to examine the access rights to all function calls.
5. Timestamp Dependence
Smart contracts relying on block timestamps can be exploited in order to gain benefit by re-arranging the timestamp by few seconds. The timestamp dependence attack occurs due to flawed comprehension of timekeeping.
Mitigation Strategies:
- Avoid using timestamp value as an access control check for critical dependencies.
- Use caution when implementing time locks. Use conservative estimates in blockchain timestamps. If timestamps are necessary, ensure they are within reasonable range.
6. Access Control Vulnerabilities
Access Control vulnerability is a security flaw allowing unauthorized users access to modify, view or execute the smart contract’s data or functions. Access control attacks can lead attackers or unauthorized users to voting on proposals, withdrawing funds, pausing or executing contracts and change ownership.
Mitigation Strategies:
- Implement proper access controls based on RBAC (Roles Based Access Control) to manage permissions and ensure only authorized users can access functions. Using appropriate access control modifiers to sensitive functions.
- Initialization functions should only be called once and by authorized entities.
7. Front-Running Attacks:
Front-Running is a type of attack exploitation where a malicious actor exploits knowledge of pending transactions in a blockchain network by submitting their own transaction with higher gas fee to be processed first. This type of attack is prevalent in decentralized finance (DeFi) ecosystems. This leads to significant financial losses. Front-runners falsely inflate or deflate token prices by executing large trades ahead of others.
Mitigation Strategies:
- Use Commit-Reveal schemes a two-step process where users commit to an action without revealing details and then disclose the same information later, making it harder for attackers to anticipate and exploit transactions.
- Combine several transactions together and make it one unit to make it difficult for attackers to exploit individual trades.
- Continuous monitoring is recommended for automated bots and scripts that might exploit the front-running opportunities for early detection and mitigation.
A smart contract security audit is a critical process to ensure smart contracts are secure, functional and free from vulnerabilities before they are deployed in a blockchain network. There are static and dynamic analysis tools used for auditing the code. Manual review of code is essential for identifying complex issues that the automated tools may not catch. Accompanied with audits, rigorous testing of individual functions and components of the smart contract ensures more stability and security. Analyse audit finding report and use recommendations to identify the needed mitigation strategies. Upon remediating the recommended changes, the contract is re-audited before deployment.
Smart contract security is critical to ensure the Confidentiality, Integrity and Availability (CIA Triad) of transactions on blockchain networks. Implementing robust security measures, best practises and continuous monitoring helps to build reliable and resilient contract ecosystems. As blockchain technology evolves, smart contract security remains crucial and requires continuous assessment to provide a secure environment for developing decentralized applications.
#SmartContract #SmartContractSecurity #SmartContractAudit #Vulnerabilities
About the Author
Aaradhana Parthiban
Lead Research – Web3 Security & Audit , Kazh Fintech Private Limited