Smart Contract Security Newsletter #40

[This newsletter is also translated to Korean by Richard Kim.]

Sign up to receive this newsletter in your favourite email client

Here are some of the things we’ve been working on in recent weeks:

• The Blockchain Security DB is an open-source (and machine-readable) database of security information for blockchain projects, containing information about past audits, bounty programs, and security contact info.

Some laudable efforts have been made recently to evaluate and compare the security of different projects (especially in DeFi). That’s a difficult and controversial undertaking, so we’ve decided to start just by presenting the information we could find without interpretation. Contribute by submitting a PR to the project or contribute to the Gitcoin grants.

• Soon you should be able to decompile EVM bytecode using our Solidity Visual Auditor, but meanwhile, signal your support by checking out its Gitcoin grants.

Distilled News

$5.7 million in miner fees

Last week you may have noticed that gas prices on the Ethereum network skyrocketed. Other than high transaction volume, it was mainly caused by a few transactions that paid millions of dollars in transaction fees. Mainly these two:

• Block 10241999 mined by Ethermine — 10,668 Ether (GasPrice: 508,034,850 Gwei)
• Block 10237208 mined by SparkPool — 10,668 Ether (GasPrice: 508,034,850 Gwei)

There are unproven theories on what caused these transactions, from software bugs to blackmailing partially hacked exchanges.

SparkPool and Ethermine both announced that they will be refunding the fees if the sender comes forward. However, at the time of the writing, no one has raised their hand and the pools are deciding to distribute the ETH to all the miners who were active on the day of those transactions. Good day to be mining.

Detecting transaction replacement attacks — Sam Moelius

Last year we published a paper systemizing front-running attacks on blockchain, Also here’s the video at SBC19 for those who prefer to watch the talk.

Transparent Dishonesty: Taxonomy of front-running attacks on Blockchain

The taxonomy of the front-running attacks helps to understand the process of different attack types and facilitates developing detection mechanisms. In this video, Sam Moelius of Trail of Bits, shows the attempt to implement a detection method for one of the specific attacks explained in the paper.

Solidity 0.6.9 0.6.10 Release

Solidity 0.6.9 was released on June 5th:

Solidity v0.6.9 adds SMT-checking to solc-js, allows calldata for all variables and provides a mechanism to specify an import directory.

A mere 6 days later, Solidity 0.6.10 dropped, establishing what must be a record release cycle time, even for Solidity! The gist of the bug is pretty low level:

This resulted in a bug related to calling library functions with calldata parameters via using for. More specifically, the compiler would copy all calldata arguments to memory first — like done for calls to public library functions. The internal library function would then receive the memory pointer but interpret it as a calldata pointer resulting in calldata reads at the wrong location and potential stack corruption. The stack corruption is caused by the fact that calldata pointers can use two stack slots while memory pointers always only use one stack slot. This can in turn cause problems for other variables and a wrong jump at the function return.

Research Papers

• Combining GHOST and Casper [Buterin et al.]
• An airdrop that preserves recipient privacy
• Blockchain with Varying Number of Players
• Bitcoin covenants unchained
• Smart Contract Fuzzing Based on Taint Analysis and Genetic Algorithms
• Crypto taint tracking [Patent]
• Symbolic Gas Vulnerability Detection and Attack Synthesis
• Verification of Ethereum Smart Contracts: A Model Checking Approach
• Smart Contract Vulnerabilities on the Ethereum Blockchain [MSc Thesis]
• GasFuzzer: Fuzzing Ethereum Smart Contract Binaries to Expose Gas-Oriented Exception Security Vulnerabilities
• DEPOSafe: Demystifying the Fake Deposit Vulnerability in Ethereum Smart Contracts
• Securing smart contract with runtime validation
• Behavioral simulation for smart contracts

Other Links

• SGAxe — How SGX Fails in Practice
• Analysis of EIP-1559 (fee market change) — Deribit
• Sourcify: Towards Safer Contract Interaction for Humans — Solidity Blog
• Details of firmware updates for Trezor One (1.9.1) and Trezor Model T (2.3.1)
• Time-Dilation Attacks on the Lightning Network — Discrete Blog
• Breaking the Solidity Compiler with a Fuzzer — Trail of Bits
• QuadrigaCX: A Review by Staff of the Ontario Securities Commission
• 2020 So Far: Personal Information Dumps and Cryptocurrency — harrydenley
• How Accurate is EtherScan? — Thomas Jay Rush
• zkRollup vs. Validium (StarkEx) — Matter Labs
• Verifying merkle multiproofs in solidity example — Miguel Mota
• Simplified Pricing for Nexus Mutual
• Tornado.cash compliance

If you enjoy this newsletter please share it with your friends, or ask them to sign up here Smart Contract Security Newsletter