And, see you in the following articles.Īgain, you can find all related source code at □. We hope you have learned something interesting. In this article, you have discovered the integer overflow vulnerability in the smart contract, how an attacker exploits it, and the solutions to fix the issue. Please refer to this link for the latest OpenZeppelin’s SafeMath library. The library used in the code is just a simplified version for brevity’s sake. The contract applies the SafeMath library to prevent any underflow or overflow issues in lines 46, 50, 56, and 58. The FixedMoonToken contract above is the fixed version of the InsecureMoonToken. The Problem I have been thinking about integer (type int) overflows, and it occurs to me that division could overflow. Therefore, you can buy or sell 1, 2, 3, or 46 tokens but not 33.5.Įxactly, the InsecureMoonToken contract is vulnerable to integer overflow. In other words, 1 MOON token will always have a fixed value of 1 Ether. The MOON is a non-divisible token (token decimals = 0) pegged with 1 Ether. The following presents the InsecureMoonToken contract that allows a user to buy or sell MOON tokens. Nonetheless, feel free to contact Valix Consulting for your smart contract consulting and auditing services. Hence, do not use the source code in this article in your production. Some contracts are vulnerable, some are simplified for minimal, some contain malicious code. The smart contracts in this article are used to demonstrate vulnerability issues only. You can find all related source code at □. This article will explore how the integer overflow happens and how to prevent it when developing your smart contracts. Integer overflow might be one of the most commonly known issues in the smart contract security field. For this reason, we are proud to present this series of articles regarding Solidity smart contract security to educate and improve the knowledge in this domain to the public. Smart contract security is one of the biggest impediments toward the mass adoption of the blockchain. This is called "wrapping" because the value has "wrapped around" from the high end of the numeric range to the low end.Originally published in Valix Consulting’s Medium. If the addition of two positive signed integers overflows - that is, if the result is larger than can be represented - the processor will produce a number that, when interpreted as a 2's complement signed integer, will appear to be negative. Most C programmers are developing for machines which use a 2's complement representation of integers addition and subtraction, with such a representation, is implemented in exactly the same way as for unsigned arithmetic. One prominent example is that of signed integer overflow. Quite a few people have been objecting to this, since it can result in the generated code not doing what the programmer intended the problem is becoming more noticeable over time, as compilers introduce more sophisticated optimisation techniques which are more likely to exploit the notion. A discussion of undefined behaviour and compiler optimisation, particularly in regards to signed integer overflow.Ĭ (and C++) compilers are becoming notorious for exploiting the notion of undefined behaviour - the idea that certain things a program might do have no behaviour proscribed by the language standard, and that the compiler can assume the program doesn't do these things when it is generating object code.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |