
https://github.com/nzt48/exploiting-smart-contract-vulnerabilities

Repository for "Exploiting smart contract vulnerabilities" bachelor thesis at School of Electrical Engineering, University of Belgrade. Paper (in Serbian) with 5 examples of vulnerable smart contracts and exploitation of them.

ethereum exploitation hacking security smart-contracts solidity


# Exploiting Smart Contract Vulnerabilities

![Ethereum](https://img.shields.io/badge/Ethereum-3C3C3D?style=for-the-badge&logo=Ethereum&logoColor=white)
![Solidity](https://img.shields.io/badge/Solidity-%23363636.svg?style=for-the-badge&logo=solidity&logoColor=white)

Repository for ["Exploiting smart contract vulnerabilities" bachelor thesis](https://zenodo.org/record/6792551) at [School of Electrical Engineering](https://www.etf.bg.ac.rs/en), [University of Belgrade](http://www.bg.ac.rs/en/index.php).

The paper is written in Serbian (Eksploatacija_propusta_u_pametnim_ugovorima.pdf). The repository contains 5 examples of vulnerable smart contracts, with instructions in English on how to exploit them. Everything is implemented in Solidity.

## Examples

1. NFT Auction
* Implementation of auction that has reentrancy vulnerability
* Inspired by [DAO hack](https://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/)

2. Hyperinflation
* Smart contract with a partial implementation of the ERC20 contract that has an overflow vulnerability
* Exploitation of this vulnerability leads to hyperinflation of the token
* Inspired by [BEC (BeautyChain) hack](https://medium.com/secbit-media/a-disastrous-vulnerability-found-in-smart-contracts-of-beautychain-bec-dbf24ddbc30e)

3. Ether chest
* Smart contract that enables users to lock their ETH for some time
* Exploiting this contract requires combining reentrancy, overflow and underflow vulnerabilities

4. King of Ether
* Famous [king of ether game](https://www.kingoftheether.com/thrones/kingoftheether/index.html) with additional protection (checks whether the caller is a smart contract and, if it is, stops the function call)
* Example of a Denial of Service (DoS) attack

5. Giveaway
* Contract that gives away 10 Ether, but you need to pay 1 ETH to enter the giveaway
* The attack combines the unexpected-ether vulnerability with bad usage of delegatecall

Instructions for running each example are in the readme inside that example's directory in the src directory.

## Recommendations for developing safe smart contracts

* Use Checks-Effects-Interactions pattern
* Use pull over push pattern
* Implement circuit breakers
* Use formal verification
* Use modifiers only for checks
* Do not use kill and selfdestruct
* Keep the code small and modular
* Use events to track activities in smart contract
* Use well known libraries like the ones from [OpenZeppelin](https://github.com/OpenZeppelin)
* Don't forget that all data is public on blockchain
* Use commitment schemes with separate phases: first commit using the hash of the values, then reveal the values in a later phase
* Limit the maximum amount of ETH that the contract can accept (if possible)

More useful recommendations [here](https://consensys.github.io/smart-contract-best-practices/)
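
The commit-then-reveal recommendation above, sketched as an added example in Solidity (not code from this repository or the thesis). The contract name `CommitReveal`, its functions and the phase lengths are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example (hypothetical contract): a value stays hidden on-chain until the reveal phase.
contract CommitReveal {
    uint256 public immutable commitDeadline; // end of the commit phase
    uint256 public immutable revealDeadline; // end of the reveal phase

    mapping(address => bytes32) public commitments;
    mapping(address => uint256) public revealedValues;
    mapping(address => bool) public hasRevealed;

    event Committed(address indexed who);
    event Revealed(address indexed who, uint256 value);

    constructor(uint256 commitSeconds, uint256 revealSeconds) {
        uint256 commitEnd = block.timestamp + commitSeconds;
        commitDeadline = commitEnd;
        revealDeadline = commitEnd + revealSeconds;
    }

    // Binding the sender's address stops another account from replaying a copied
    // commitment; the random salt stops brute-forcing when the value space is small.
    // abi.encode (not encodePacked) avoids ambiguous packing of the fields.
    function commitmentFor(address who, uint256 value, bytes32 salt) public pure returns (bytes32) {
        return keccak256(abi.encode(who, value, salt));
    }

    // Phase 1: only the hash is stored, so the public chain data does not expose the value.
    function commit(bytes32 commitment) external {
        require(block.timestamp < commitDeadline, "commit phase over");
        require(commitment != bytes32(0), "empty commitment");
        require(commitments[msg.sender] == bytes32(0), "already committed");
        commitments[msg.sender] = commitment;
        emit Committed(msg.sender);
    }

    // Phase 2: the value is accepted only if it matches the earlier commitment.
    function reveal(uint256 value, bytes32 salt) external {
        require(block.timestamp >= commitDeadline, "commit phase still open");
        require(block.timestamp < revealDeadline, "reveal phase over");
        require(!hasRevealed[msg.sender], "already revealed");
        require(commitmentFor(msg.sender, value, salt) == commitments[msg.sender], "commitment mismatch");
        hasRevealed[msg.sender] = true;
        revealedValues[msg.sender] = value;
        emit Revealed(msg.sender, value);
    }
}
```

Compute the commitment off-chain or through a local read-only call, because sending `value` and `salt` in a transaction during the commit phase would publish them.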

## Smart contract security tools

* [Slither](https://github.com/crytic/slither) - Static Analyzer for Solidity

* [Mythril](https://github.com/ConsenSys/mythril) - Security analysis tool for EVM bytecode

* [Manticore](https://github.com/trailofbits/manticore) - Symbolic execution tool

* [Oyente](https://github.com/enzymefinance/oyente) - An Analysis Tool for Smart Contracts

* [Echidna](https://github.com/crytic/echidna) - Ethereum smart contract fuzzer

## Contributing

If you see any mistakes or have an idea for an improvement, feel free to open an issue and PR, or contact the author.

## License

[![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)