Cover photo

TempleDAO Exploit: A Simple Guide to Understanding the $2.3M Access Control Attack

post image
 function migrateStake(address oldStaking, uint256 amount) external{
       StaxLPStaking(oldStaking).migrateWithdraw(msg.sender,amount);
        _applyStake(msg.sender, amount);
    }

Introduction: In October 2022, the TempleDAO staking contract on the Ethereum network suffered a significant security breach, resulting in a loss of approximately $2.3 million. This attack was a classic example of poor access control, which is one of the most common vulnerabilities in smart contracts. In this blog post, we'll break down the attack step-by-step and discuss how it could have been prevented.

Step 1: Understanding the Vulnerability The TempleDAO contract provided a migrateStake function to allow users to move their stake from an old contract to a new one. The function would call the migrateWithdraw function from the old staking contract, which should transfer the specified amount from the user to the new contract and revert if unsuccessful. The new contract would then apply the stake using the _applyStake function.

However, the issue here is that the contract does not verify the legitimacy of the old staking contract address. This oversight allows an attacker to pass a malicious contract address that never reverts, making it easy to exploit.

Step 2: Performing the Attack To execute the attack, an attacker would create a malicious contract that does not revert when receiving a call to migrateWithdraw. Next, they would call the migrateStake function with the malicious contract address and a large number (e.g., MAX_UINT256) as the amount. This would result in the attacker receiving a substantial number of tokens.

Preventing the Attack: Possible Mitigations To protect against this type of attack, there are a few possible mitigations that could be implemented:

  1. Maintain a list of valid old staking contract addresses and whitelist them. This would require an owner if the list needs to be dynamic.

  2. Implement additional checks to ensure the legitimacy of the old staking contract.

Conclusion: The TempleDAO exploit serves as a valuable lesson for smart contract developers, highlighting the importance of access control and proper security measures. By understanding the steps involved in this attack and implementing the suggested mitigations, developers can better protect their smart contracts from similar vulnerabilities in the future.

post image

Github Repo:

https://github.com/coinspect/learn-evm-attacks/tree/master/test/Access_Control/TempleDao