Astar Network Integer Truncation Error Bugfix Review

Summary

On November 6, 2023, whitehat Farazsth98 of the Zellic team responsibly reported a vulnerability in the Astar Network node. Their finding was rewarded with a payout of $50,000 USD. The vulnerable component was responsible for exchanging information about transfers of ERC-20 tokens between execution environments. A successful attack could lead to discrepancies in the transfer amounts used in smart contracts inside the virtual machine and the Astar node execution environment.

Immunefi is pleased to have facilitated this responsible disclosure with our platform. Our goal is to make web3 safer by incentivizing whitehats to responsibly disclose bugs and receive clean money and reputation in exchange.

Introduction to Astar Network

Issues in blockchain nodes hold significant implications for the web3 ecosystem. A flaw like the one discussed in this post poses a threat to numerous projects operating on a shared platform. Despite having code that passed audits, a project can fall victim to attackers if an error is discovered in the smart contract execution environment.

Astar Network is a layer-1 blockchain written in Rust using the Substrate SDK, supporting both EVM and WASM smart contracts that can be written in various languages such as Rust, C/C++, C#, Go, etc.

The Polkadot ecosystem provides extensible components (pallets) that make the Substrate SDK flexible and adaptable to different use cases. Parachains, such as Astar Network, utilize pallets, including ensuring interoperability between smart contract execution environments.

The diverse development tools, coupled with capabilities, introduce a set of challenges for developers. Among these challenges is the incompatibility of execution environment architectures, leading to different execution outcomes for smart contracts in these environments. During integration code development, it is crucial to be aware of and appropriately handle cases where architectures are incompatible.

Being written in Rust, the Astar Network node utilized Rust primitive data types. These limited-size Rust primitive data types were used to parse data from the Ethereum Virtual Machine, which had a larger bit size.

Vulnerability Analysis

The researcher identified an issue in the Astar Network node component responsible for exchanging information about transfers of ERC-20 tokens between execution environments. During the transmission of amount information, numerical values changed their data type from a 256-bit unsigned integer to a 128-bit unsigned integer. Due to the difference in data type sizes, some bits are lost during the type conversion process. As a result, the destination runtime receives a numerical value different from what was used in the original runtime. Such data manipulation opens opportunities for attackers to exploit higher-level protocols built using smart contracts.

Proof of Concept (PoC)

Emerging on April 26, 2022, this bug jeopardized projects built on the Astar Network blockchain for over a year and a half. Decentralized exchanges utilizing automated market-making mechanisms stood out as the most obvious category of projects susceptible to attacks. As an actively developing platform, the Astar Network ecosystem was still in its early stages of project development. Not every DEX smart contract was vulnerable to the considered attack scenario. For instance, projects that were forks of Uniswap could not be exploited in the described manner. The code of such projects performs an invariant check after the swap operation to ensure that recipients receive the correct amount of tokens.

However, a vulnerable project, Kagla Finance, was identified on the Astar Network blockchain. To demonstrate the attack, the researcher developed a proof-of-concept where the attacker drains a liquidity pool. Through a function call to the exchange function, the actor transfers a number of tokens to the smart contract, the size of which overflows after type conversion, namely uint256(type(uint128).max) + 1.

The pool’s exchange function, after the call, invokes two transfer calls with numerical values of transferred funds:

• transferFrom(attacker, pool, 340282366920938463463374607431768211456)
• transfer(attacker, 291340481688343319786137)

These two calls are performed by the smart contract within the EVM, later intercepted by the Astar Network node. After processing, the liquidity pool receives 0 tokens due to a data type conversion error, while the attacker receives 291340481688343319786137 tokens.

Thus, in just the Kaggle Finance liquidity pool alone, funds amounting to approximately $267,678 USD were at risk of being drained. This is just one example of how smart contracts operating on a vulnerable blockchain can be attacked.

Following the successful demonstration of the attack scenario, Astar Network rewarded the researcher with a bounty of $50,000 USD.

Vulnerability Fix

The Substrate framework was designed with the consideration of insufficient sizes of Rust primitive data types. To address this issue, the sp_core library provides specific data types, including U256 (256-bit unsigned integer). Just two days after the report, as part of commit 823befe, developers fixed the vulnerable code by replacing the primitive data type with U256 from the sp_core library.

Acknowledgments

We extend our gratitude to the whitehat farazsth98 and the entire Zellic team for responsibly disclosing such a crucial bug in a timely manner. Special recognition also goes to the Astar Network team, who promptly responded to the report and patched the issue.

If you’re a developer or a whitehat considering a lucrative bug-hunting career in web3, this message is for you. With rewards 10–100x greater than those commonly found in web2, your efforts will pay off exponentially by transitioning to web3.

Check out the Web3 Security Library and start earning rewards on Immunefi — the leading bug bounty platform for web3 with the world’s biggest payouts.