Stacks DoS Bugfix Review

Immunefi Editor
Published in Immunefi
Feb 22, 2024

Summary

On November 17, 2023, an independent researcher who goes by the pseudonym Catchme reported a Critical vulnerability to Immunefi. The vulnerability affected Stacks, a layer 2 for Bitcoin that enables smart contracts and decentralized applications using Bitcoin’s secure base layer. A bounty of $76,011 was paid for this finding.

Introduction to Stacks and Clarity

Central to the Stacks ecosystem is the smart-contract programming language, Clarity (https://docs.stacks.co/clarity/overview), which uses a LISP-like syntax. Unlike compiled languages, Clarity relies on interpretation for execution, adding a layer of security to smart contracts.

Proof of Transfer (PoX) Mining and Security Anchoring

Stacks employs Proof of Transfer (PoX) mining, further strengthening its security by anchoring it to the Bitcoin blockchain. Leader elections within the Stacks network occur on the Bitcoin blockchain, with Stacks miners subsequently generating new blocks on a separate Stacks blockchain.

Vulnerability Analysis

Within the Stacks network, nodes play a pivotal role in executing smart contracts and ensuring the smooth processing of user transactions. To disrupt the virtual machine, an attacker would need to send a transaction containing a malicious smart contract to the network.

The vulnerability that Catchme identified stemmed from a flaw in the Clarity virtual machine, leading to an unhandled exception. This unhandled exception, in turn, triggered the client node of Stacks to crash.

Vulnerability Fix

To mitigate this issue, the function must be modified so that it returns a handled error when a contract is absent, rather than relying on `.expect()`.
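The pattern behind this fix, as an added Rust example that is not the Stacks code: `ContractStore`, `VmError`, `load_unchecked`, `load` and `process_calls` are hypothetical names, and the contract source is a constructed sample. A lookup that ends in `.expect()` panics when the contract is missing, while the `Result`-returning version lets the caller reject that one call and keep processing.

```rust
use std::collections::HashMap;
use std::panic::{self, AssertUnwindSafe};

#[derive(Debug, PartialEq)]
pub enum VmError { NoSuchContract(String) }

/// Hypothetical contract store (id -> source); not the Stacks data model.
#[derive(Default)]
pub struct ContractStore { contracts: HashMap<String, String> }

impl ContractStore {
    pub fn deploy(&mut self, id: &str, src: &str) {
        self.contracts.insert(id.to_string(), src.to_string());
    }
    /// Panicking pattern: an absent `id` unwinds whoever called this.
    pub fn load_unchecked(&self, id: &str) -> &str {
        self.contracts.get(id).map(String::as_str).expect("contract exists")
    }
    /// Hardened pattern: absence is an ordinary, handled error.
    pub fn load(&self, id: &str) -> Result<&str, VmError> {
        self.contracts.get(id).map(String::as_str).ok_or_else(|| VmError::NoSuchContract(id.to_string()))
    }
}

/// Runs every call in a batch; a bad reference rejects that call only.
pub fn process_calls(store: &ContractStore, calls: &[&str]) -> (usize, Vec<VmError>) {
    let (mut ok, mut rejected) = (0, Vec::new());
    for id in calls {
        match store.load(id) {
            Ok(_) => ok += 1,
            Err(e) => rejected.push(e),
        }
    }
    (ok, rejected)
}

/// True when the `.expect()` path panics for `id` (caught here for the demo).
pub fn unchecked_panics(store: &ContractStore, id: &str) -> bool {
    panic::catch_unwind(AssertUnwindSafe(|| store.load_unchecked(id).len())).is_err()
}

fn main() {
    let mut store = ContractStore::default();
    store.deploy("token", "(ok u1)"); // constructed sample source
    println!("{:?}", process_calls(&store, &["token", "missing", "token"]));
    println!("unchecked panics: {}", unchecked_panics(&store, "missing"));
}
```

In a long-running service, `catch_unwind` is not a substitute for the `Result` path; it is used here only to observe the panic without ending the demo.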

Acknowledgments

We extend our gratitude to Catchme for responsibly disclosing this vulnerability. We also acknowledge the prompt and diligent response from the Stacks team in addressing and patching the reported issue.

If you’re a developer or a whitehat considering a lucrative bug-hunting career in web3, this message is for you. With rewards that are 10 to 100 times greater than those commonly found in web2, your efforts will pay off exponentially by transitioning to web3.

To start your journey, explore the Web3 Security Library and begin earning rewards through Immunefi — the leading bug bounty platform for web3 with the world’s biggest payouts.
