Month: February 2022

Security of Solidity Smart Contracts, EVM, Bridges

Smart Contracts are relatively short blocks of code that run on the Ethereum Virtual Machine (EVM) and deal with tokens of value. For example, a contract may release funds when certain preconditions are met, such as time elapsed or a signed request received. The number of smart contracts and the value of transactions in smart contracts have grown quite a bit in the last few years, along with the prices of cryptocurrencies. The code of a Smart Contract is always publicly available as bytecode, which can be reverse engineered, and often the source code in the Solidity language is publicly available as well. As a result, bugs in smart contracts have become attractive exploit targets. EVMs are a distributed computing construct that runs in parallel on a network of participating nodes, which coordinate their actions through a consensus mechanism and protocol that runs between the nodes.

https://blog.sigmaprime.io/solidity-security.html

https://rekt.news/superfluid-rekt/ newsletter reporting high-level analysis of recent attacks.

https://secureum.xyz

https://solidity-by-example.org/variables/ Solidity has 3 types of variables: 1. local (inside a function), 2. state (inside a contract, outside any function), 3. global (e.g. block.timestamp, msg.sender – chain level, provides info about the blockchain)

https://solidity-by-example.org/data-locations (storage, memory, calldata)

https://solidity-by-example.org/visibility/ (public, private, internal, external)

https://solidity-by-example.org/function-modifier (onlyOwner to restrict access, validAddress to validate an address, noReentrancy to prevent reentrancy) Incorrect handling of reentrancy is a source of bugs.

https://www.saurik.com/optimism.html – instrumenting the blockchain to find gaps (EthDenver talk).

Security of Bridges. Bridges are implemented as smart contracts between two different chains.

https://www.bitdefender.com/blog/hotforsecurity/smart-contract-exploit-costs-nomad-crypto-bridge-200-million/

Sequence diagram of a bridge operation in https://blog.harmony.one/introducing-horizon-an-ethereum-harmony-cross-chain-bridge/

Within the last year, bridges have accounted for a majority of the total funds stolen across all of the crypto ecosystem. Massive bridge hacks have occurred on average every few months, each losing extremely large amounts of user funds. Bridge hacks in the last couple of years have included the Axie Infinity Ronin bridge hack, losing users $625 million, the Wormhole bridge hack, costing users $300 million, the Harmony bridge hack, losing users $100 million, and just this last week the Nomad bridge hack, losing users almost $200 million.

Detecting attacks

  • Code reviews for reentrancy bugs
  • Detecting that the source of a transaction is a bad actor
  • Using ML for code analysis and bad actor detection

https://github.com/DicksonWu654/ethdenverhack – attempted using ML for detecting reentrancy attacks.

“from transformers import TFDistilBertModel, DistilBertTokenizerFast” # using a Hugging Face model

These guys had a funny presentation – https://www.youtube.com/watch?v=9oLuxJdrZwo