

Security Researcher 🧑🔬 Vulnerability and security research disclosure reports Web3 security and cybersec kinds of stuff here 🧑💻🔬
This write-up explains my accidental discovery of a Solidity compiler bug. During a security audit of a protocol, I came across an interesting and already known compiler bug in Solidity. I quickly escalated it to the Ethereum security team and got the response I expected.
Compiler version affected: 0.8.19+commit.7dd6d404 and the latest release
Target EVM version: default on Remix
Framework/IDE: Remix IDE
Solidity 0.8.0 and above promises to prevent arithmetic overflow and underflow errors by default.
But in certain circumstances it produces unexpected results: a very large unsigned integer when a signed integer (int256) is involved.
I came across a protocol that mixes signed and unsigned integers in a subtraction: its variables A and B are declared as int256, and the subtraction is performed inside an unsigned-integer conversion, written as uint256(A - B).
This gave me the idea to test for an arithmetic error. I expected a large number to be produced by declaring variable A smaller than variable B: the Solidity program does not revert and produces (uint256.max) - (-C).
Here (-C) is the value of the int256 expression A - B.
The protocol I was auditing uses this for reward calculation and, fortunately, it is not exploitable because of the nature of its design. 😮💨
Sample of pseudo-vulnerable code:
struct UserInfo {
    int256 rewardDebt;
}
int256 _accumulatedReward = int256((user.amount * accRewardPerShare) / ACC_REWARD_PRECISION);
uint256 _pendingRewards = uint256(_accumulatedReward - user.rewardDebt);
Input program that triggers the bug:
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract testMath {
    // Numbers to test: a < b, so a - b is negative
    int256 a = 1;
    int256 b = 10;
    // Does not revert: a - b == -9, and the explicit int256 -> uint256 cast
    // wraps it to 2**256 - 9 (i.e. type(uint256).max - 8)
    function tests() public view returns (uint256) {
        uint256 o = uint256(a - b);
        return o;
    }
}
Expected behaviour:
uint256(A - B) should behave the same as uint256(a) - uint256(b) (that is, revert), even when it is written as uint256(A - B).
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract testMathRevert {
    // Numbers to test: a < b
    int256 a = 1;
    int256 b = 10;
    // Reverts: 1 - 10 underflows in checked uint256 arithmetic (Panic 0x11)
    function tests() public view returns (uint256) {
        uint256 o = uint256(a) - uint256(b);
        return o;
    }
}
Response from the Ethereum Security team:
This is a known issue and has been previously reported. It is scheduled to be addressed eventually to improve the situation for conversions, making different conversion behaviour (e.g. truncating vs reverting) explicit: https://github.com/ethereum/solidity/issues/11284
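As an added example (not code from the original post or from the audited protocol), the reward calculation from the pseudo-vulnerable snippet is shown in both forms: the raw cast that wraps a negative difference, and a guarded cast that reverts instead. The contract name, the ACC_REWARD_PRECISION value, the `amount` field and the setter helpers are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, not from the original post: the reward calculation with
// the int256 -> uint256 cast guarded so a negative difference reverts
// instead of wrapping to a value close to type(uint256).max.
contract PendingRewardsChecked {
    uint256 public constant ACC_REWARD_PRECISION = 1e12; // assumed scaling factor

    struct UserInfo {
        uint256 amount;       // assumed field, mirrors user.amount in the post
        int256 rewardDebt;
    }

    mapping(address => UserInfo) public userInfo;
    uint256 public accRewardPerShare; // scaled by ACC_REWARD_PRECISION

    // Signed -> unsigned conversion that refuses negative values
    // (same effect as OpenZeppelin's SafeCast.toUint256).
    function toUint256(int256 value) internal pure returns (uint256) {
        require(value >= 0, "toUint256: negative value");
        return uint256(value);
    }

    // Unsafe form from the write-up: if rewardDebt exceeds the accumulated
    // reward, the cast wraps and reports a huge pending amount.
    function pendingRewardsUnchecked(address user) external view returns (uint256) {
        UserInfo storage u = userInfo[user];
        int256 accumulated = int256((u.amount * accRewardPerShare) / ACC_REWARD_PRECISION);
        return uint256(accumulated - u.rewardDebt);
    }

    // Guarded form: identical arithmetic, but a negative difference reverts.
    function pendingRewards(address user) external view returns (uint256) {
        UserInfo storage u = userInfo[user];
        int256 accumulated = int256((u.amount * accRewardPerShare) / ACC_REWARD_PRECISION);
        return toUint256(accumulated - u.rewardDebt);
    }

    // Helpers with constructed values so the two paths can be compared in Remix.
    function setUser(address user, uint256 amount, int256 rewardDebt) external {
        userInfo[user] = UserInfo(amount, rewardDebt);
    }

    function setAccRewardPerShare(uint256 value) external {
        accRewardPerShare = value;
    }
}
```

Deploy in Remix, call setUser with amount 1, rewardDebt 10 and leave accRewardPerShare at 0: pendingRewardsUnchecked returns 2**256 - 10 while pendingRewards reverts.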
