Popular Science | Blockchain Security Getting Started Notes

As more and more people join the blockchain industry, they bring new vitality to it, but their lack of relevant knowledge and security awareness also gives attackers more opportunities. In the face of frequent security incidents, SlowMist launched the Blockchain Security Getting Started Notes series, which introduces blockchain security terms to help newcomers adapt to the crisis-ridden security world of blockchain.

Series review:

Blockchain Security Getting Started Notes (1) | SlowMist Science

Blockchain Security Getting Started Notes (2) | SlowMist Science

Blockchain Security Getting Started Notes (3) | SlowMist Science

Blockchain Security Getting Started Notes (4) | SlowMist Science

Blockchain Security Getting Started Notes (5) | SlowMist Science


Smart Contract

The smart contract is not a new concept. As early as 1995, the cross-disciplinary legal scholar Nick Szabo proposed that a smart contract is a set of promises defined in digital form, including the protocols within which the contract participants carry out these promises. In the blockchain field, a smart contract is essentially a piece of code running on a blockchain network. It uses computer instructions to process traditional contracts automatically and carries out the business logic defined by its users.

As the number of blockchain smart contracts grows, more and more security issues are being exposed. Attackers can often exploit vulnerabilities to break into systems and cause huge losses to smart contract users. According to SlowMist Hacked, losses caused by smart contract attacks on just three chains, ETH, EOS and TRON, are currently as high as $126,883,725.92. Attacks with the same characteristics are likely to succeed again and to spread across chains. Below we introduce some smart contract attack techniques that have been common in recent years.

Transaction Rollback Attack (Roll Back Attack)

A Roll Back Attack, as the name suggests, is the ability to roll back the state of a transaction. What does rolling back mean? It means restoring a state that has already occurred to one in which it never happened. A transaction rollback therefore turns a transaction that has already taken place into one that did not occur. That is, the attacker has already made a payment, but by some means causes an error in the transfer process, so that the entire transaction is rolled back. This attack mostly occurs in smart contract games on the blockchain, when the user's betting action and the contract's draw action are in the same transaction, that is, when they are inline transactions. The attacker can inspect the state of the smart contract while the transaction is executing, learn the result of the draw, and decide on the basis of that result whether to roll back the bet transaction.

This attack technique was often used against EOS DApps in the early days and then gradually spread to other public chains such as TRON. Up to now, 12 DApps have been attacked. The SlowMist security team recommends that developers not put the user's bet and the draw in the same transaction, so that an attacker cannot carry out a transaction rollback attack by detecting the draw status in the smart contract.
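The effect of this recommendation can be seen in a toy model of atomic transactions. This is an added example, not SlowMist's code or any DApp's contract; the `Chain` class, the function names and the win rule are all constructed for illustration.

```python
import copy
class Revert(Exception):
    """Raised inside a transaction to undo every state change it made."""

class Chain:
    """Toy ledger (constructed): a transaction is atomic, so a Revert undoes all of it."""
    def __init__(self, balance):
        self.state = {"balance": balance, "pending": 0, "won": None}

    def transact(self, action, *args):
        snapshot = copy.deepcopy(self.state)
        try:
            action(self.state, *args)
        except Revert:
            self.state = snapshot          # nothing from this transaction survives

def draw(roll):
    return roll >= 50                      # constructed rule: rolls 50..99 win

# Design A (weak): bet and draw are inline actions of one transaction.
def bet_and_draw_inline(state, stake, roll, caller_hook):
    state["balance"] -= stake
    state["won"] = draw(roll)
    if state["won"]:
        state["balance"] += 2 * stake
    caller_hook(state)                     # caller code still runs inside the same transaction

def revert_if_lost(state):
    if not state["won"]:                   # the result is already readable here
        raise Revert()

# Design B (recommended): the bet commits first, the draw is a separate later transaction.
def place_bet(state, stake):
    state["balance"] -= stake
    state["pending"] = stake

def settle(state, roll):
    stake, state["pending"] = state["pending"], 0
    if draw(roll):
        state["balance"] += 2 * stake

def final_balance(split, roll, start=100, stake=10):
    chain = Chain(start)
    if split:
        chain.transact(place_bet, stake)   # committed before any result exists
        chain.transact(settle, roll)       # a revert here cannot undo the bet
    else:
        chain.transact(bet_and_draw_inline, stake, roll, revert_if_lost)
    return chain.state["balance"]
```

In the inline design a losing bet costs the caller nothing because the whole transaction is undone; in the split design the stake is already committed when the draw runs.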

Transaction Congestion Attack

A Transaction Congestion Attack targets EOS game contracts that use defer transactions to draw prizes. By some means, the attacker sends a large number of defer transactions ahead of the game contract's defer draw transaction and maliciously occupies the CPU resources in the block. As a result, the defer draw transaction that the smart contract should have executed in the specified block cannot be executed for lack of resources and has to wait until the next block. Since many game smart contracts on EOS use block information as their source of random numbers, the same defer draw transaction produces different results when executed in different blocks. In this way, when the attacker knows that he cannot win, he sends a large number of defer transactions to force the smart contract to draw again, thus achieving the purpose of the attack.

The attack was first discovered when the hacker loveforlover launched an attack against EOS.WIN. The same attack method then succeeded several more times. According to SlowMist Hacked, 22 quiz DApps were attacked in 2019 and lost a lot of money as a result. The SlowMist security team recommends that smart contract developers not use defer transactions for key operations whose results differ between blocks, to reduce the risk of contract attacks.

Random Number Attack

A Random Number Attack targets the random number generation algorithm of a smart contract in order to predict the contract's random numbers. At present, many games on the blockchain use on-chain information (such as block time, future block hash, etc.) as the random number source of the game contract, also called the random number seed. A random number generated from such a seed is called a pseudo-random number. Pseudo-random numbers are not truly random and can potentially be predicted. When a random number is generated from a predictable seed, once the attacker guesses the generation algorithm or obtains it by other means such as reverse engineering, the attacker can use the algorithm to predict the random numbers that the game is about to produce, thus achieving the purpose of the attack.

On November 11, 2018, an attacker launched a sustained random number attack on EOS.WIN and made a total of 20,000 EOS. The SlowMist security team recommends that smart contract developers use secure random number sources for contract random numbers, for example by using the random number seed in the chain to generate random numbers that are uploaded to the chain, to reduce the risk of the contract being attacked.
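Both this recommendation and the one in the Transaction Congestion Attack section call for a draw whose result cannot be computed from public block data and does not depend on which block executes it. The sketch below is an added example, not SlowMist's or any DApp's code; it assumes a commit-reveal scheme as the secure random number source, and the `Round` class, helper names and sample values are hypothetical.

```python
import hashlib
import hmac

def digest(*parts):
    """SHA-256 over length-prefixed parts, so field boundaries are unambiguous."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

def to_roll(d):
    return int.from_bytes(d, "big") % 100

def block_seed_roll(block_num, block_time):
    """Weak: every input is public block data, so any observer who knows the
    algorithm gets the same roll, and the roll changes if the draw slips a block."""
    return to_roll(digest(str(block_num).encode(), str(block_time).encode()))

class Round:
    """One commit-reveal round (assumed scheme; class and method names are hypothetical)."""
    def __init__(self, commitment):
        self.commitment = commitment       # digest(secret), published before bets open
        self.player_seed = None

    def bet(self, player_seed):
        self.player_seed = player_seed     # fixed once the bet transaction has committed

    def settle(self, revealed_secret, executing_block):
        # executing_block is deliberately unused: a delayed draw must give the same roll.
        if self.player_seed is None:
            raise ValueError("no bet placed")
        if not hmac.compare_digest(digest(revealed_secret), self.commitment):
            raise ValueError("revealed secret does not match the commitment")
        return to_roll(digest(revealed_secret, self.player_seed))

def demo():
    secret = b"constructed-operator-secret-0001"  # sample; a real one comes from a CSPRNG
    rnd = Round(digest(secret))
    rnd.bet(b"constructed-player-seed")
    on_time = rnd.settle(secret, executing_block=1000)
    delayed = rnd.settle(secret, executing_block=1001)  # draw pushed to the next block
    return on_time, delayed
```

A deployed contract also needs a rule for an operator that never reveals, such as forfeiting a deposit after a deadline.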