[Case Study] Smart Contract Audit Process

Overview

Decentral Solutions has worked with many customers to evaluate the security of their products and engineering practices. Smart contracts provide a way to programmatically govern relationships between two or more parties without a middleman. The security implications of this paradigm are far reaching: the code is public, immutable once deployed, and directly controls funds, which gives rise to new classes of vulnerabilities. Vulnerabilities in smart contracts have cumulatively cost the cryptocurrency ecosystem hundreds of millions of dollars in losses. We help to identify security flaws in your contracts before they are deployed into a production environment.

Solution

Decentral Solutions sits down with the client's engineering team to understand their business, architecture, existing code base and engineering practices.

We then write a detailed threat model, including data flow diagrams, a list of potential threats (the classes we look for are listed below) and mitigations. Finally, we assist the client in implementing changes to their code and their engineering practices to close the gaps.

Reentrancy exploit

A function that sends Ether to an external address before updating its own state can be re-entered by that address before the first invocation has finished: the recipient's fallback code calls back into the function while the old balance is still recorded, and repeats the withdrawal until the contract is empty. This is how the DAO contract was drained in 2016.


Memory access violation

A storage reference can end up pointing outside the data it was meant to cover, for example an uninitialised local storage variable (compilers before 0.5 silently pointed it at slot 0) or an array whose length is manipulated. An attacker who can reach such a reference can read or overwrite mission-critical state such as an owner address.


Stack size limit

The EVM caps call depth at 1024 frames. An attacker can recurse almost to that limit and then call into the victim, so that the victim's own nested call (typically a send) fails. If the return value of that call is not checked, the method carries on as though the transfer had succeeded.


State mutability

Solidity has no closures, and every state variable is global to the contract. Functions that read and write shared state without a clear ownership model produce conflicting updates, intermittent failures and ordering-dependent behaviour: the result of a call can depend on which transaction a miner includes first.


Block time dependencies

A miner chooses a block's timestamp within the tolerance the network accepts, so a contract that uses block.timestamp (or a block number) as a deadline, a lock or a source of entropy can be nudged whenever there is an economic incentive to do so.


Deterministic randomness

Everything a contract can read to derive a "random" number (block hash, timestamp, difficulty, its own state) is public and partly miner-controlled, so the result is predictable. An attacker can evaluate the same expression in the same transaction and only act when the outcome favours them, and a miner can withhold an unfavourable block.
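The two previous items (block time dependencies and deterministic randomness) share one root cause, so a single added Solidity example covers both. It is not code from the page: a coin-flip game that seeds its outcome from block data, a hypothetical exploit contract that evaluates the same expression in the same transaction and only plays winning guesses, and a two-party commit-reveal version in which neither player nor the miner controls the result alone. All names and stake amounts are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not production code. Vulnerable: the "random" value is
// derived entirely from block data, which the miner influences and which
// any caller can read before deciding whether to play.
contract PredictableCoinFlip {
    receive() external payable {} // house funds

    function flip(bool guess) external payable returns (bool win) {
        require(msg.value == 0.1 ether, "stake 0.1 ether");
        uint256 r = uint256(keccak256(abi.encodePacked(blockhash(block.number - 1), block.timestamp)));
        win = ((r % 2 == 0) == guess);
        if (win) {
            payable(msg.sender).transfer(0.2 ether);
        }
    }
}

// Hypothetical attacker: computes the identical value in the same
// transaction and therefore never loses.
contract FlipExploit {
    receive() external payable {}

    function play(PredictableCoinFlip target) external payable {
        require(msg.value == 0.1 ether, "stake 0.1 ether");
        uint256 r = uint256(keccak256(abi.encodePacked(blockhash(block.number - 1), block.timestamp)));
        target.flip{value: 0.1 ether}(r % 2 == 0);
    }
}

// Hardened: two-party commit-reveal. Each player commits to a secret before
// either secret is known; the outcome is fixed by both secrets together.
contract CommitRevealFlip {
    address public playerA;
    address public playerB;
    bytes32 public commitA;
    bytes32 public commitB;
    uint256 public secretA;
    uint256 public secretB;
    bool public revealedA;
    bool public revealedB;

    // Phase 1: submit keccak256(abi.encodePacked(secret, msg.sender)).
    function commit(bytes32 h) external payable {
        require(msg.value == 0.1 ether, "stake 0.1 ether");
        if (playerA == address(0)) {
            playerA = msg.sender;
            commitA = h;
        } else if (playerB == address(0) && msg.sender != playerA) {
            playerB = msg.sender;
            commitB = h;
        } else {
            revert("game full");
        }
    }

    // Phase 2: reveal. The hash binds each player to the secret chosen
    // before the other's was visible, so neither can steer the result.
    function reveal(uint256 secret) external {
        require(playerB != address(0), "waiting for second player");
        bytes32 h = keccak256(abi.encodePacked(secret, msg.sender));
        if (msg.sender == playerA) {
            require(!revealedA && h == commitA, "bad reveal");
            secretA = secret;
            revealedA = true;
        } else if (msg.sender == playerB) {
            require(!revealedB && h == commitB, "bad reveal");
            secretB = secret;
            revealedB = true;
        } else {
            revert("not a player");
        }
        if (revealedA && revealedB) {
            address winner = ((secretA ^ secretB) % 2 == 0) ? playerA : playerB;
            payable(winner).transfer(address(this).balance);
        }
    }
}
```

One caveat a practitioner should carry into any commit-reveal design: the second player to reveal learns whether they have lost before revealing, and may simply never reveal. A deployable version needs a reveal deadline after which the player who did reveal can claim the stake.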


Type casts

Solidity integers have fixed widths. Arithmetic that exceeds them wraps silently on compilers before 0.8 (and inside unchecked blocks since), and narrowing casts truncate. When types are not enforced or checked, balances and counters take on values the author never intended, e.g. a balance that underflows to the maximum uint256.
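An added Solidity example of the type and arithmetic issues above, not code from the page: a token whose transfer() uses wrap-around arithmetic (the unchecked block reproduces pre-0.8 semantics) and a lock-duration setter that truncates through a narrowing cast, beside a version that checks both. Contract names and the initial balance are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not production code. Unchecked arithmetic and truncating casts.
contract TokenUnchecked {
    mapping(address => uint256) public balances;

    constructor() {
        balances[msg.sender] = 1000;
    }

    // BUG: with wrap-around arithmetic, sending more than you hold underflows
    // the sender's balance to roughly 2^256 instead of failing.
    function transfer(address to, uint256 amount) external {
        unchecked {
            balances[msg.sender] -= amount;
            balances[to] += amount;
        }
    }

    // BUG: a uint8 holds 0..255, so a request for 256 days silently becomes 0.
    // (`days` is a reserved time unit in Solidity, hence the trailing underscore.)
    function lockFor(uint256 days_) external pure returns (uint8) {
        return uint8(days_);
    }
}

contract TokenChecked {
    mapping(address => uint256) public balances;

    constructor() {
        balances[msg.sender] = 1000;
    }

    // The explicit require gives a descriptive error; the compiler's default
    // checked arithmetic would also revert, but with a bare panic code.
    function transfer(address to, uint256 amount) external {
        require(balances[msg.sender] >= amount, "insufficient balance");
        balances[msg.sender] -= amount;
        balances[to] += amount;
    }

    // Range-check before narrowing instead of trusting the cast.
    function lockFor(uint256 days_) external pure returns (uint8) {
        require(days_ <= type(uint8).max, "does not fit in uint8");
        return uint8(days_);
    }
}
```

When reviewing code that targets compiler 0.8 or later, we still look at every unchecked block and every explicit cast, because the checked defaults do not cover either.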


Ether voids

Ether sent to an address that nobody controls (a mistyped address, a contract that was never deployed, or one that has self-destructed) is lost forever. Contracts that forward funds should not assume every recipient is live, and addresses should be validated (checksummed) before they are used.


Call to the unknown

When a contract calls a function the target does not implement, or sends Ether with a low-level call, the target's fallback function runs instead, and that fallback is code the caller does not control. In the Parity Multisig Wallet incidents the wallet's fallback forwarded unknown calls to a shared library via delegatecall; the library's initialisation function was reachable by anyone, and taking ownership that way ended with the library being self-destructed, freezing every wallet that depended on it.
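A deliberately simplified, hypothetical reconstruction of that pattern, added here as an example (it is not Parity's code and not from the page): a thin wallet whose fallback delegatecalls everything it does not understand into a shared library, a library whose initialisation can be called by anyone, and a hardened library whose initialisation is one-shot. Names and storage layout are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not production code. Shared logic contract: the wallet
// delegatecalls into it, so this code runs against the WALLET's storage.
contract WalletLibrary {
    address public owner; // slot 0; must line up with the wallet's layout

    // BUG: meant to run once when a wallet is created, but nothing enforces
    // that, and the wallet's fallback makes it reachable by anyone.
    function initWallet(address _owner) external {
        owner = _owner;
    }

    function kill() external {
        require(msg.sender == owner, "not owner");
        selfdestruct(payable(owner));
    }
}

contract ThinWallet {
    address public owner;         // slot 0, mirrors WalletLibrary
    address public immutable lib; // immutables live in code, not storage

    constructor(address _lib) {
        lib = _lib;
        owner = msg.sender;
    }

    receive() external payable {}

    // Every call whose selector the wallet does not implement lands here and
    // is forwarded unchanged, including initWallet(address) and kill().
    fallback() external payable {
        (bool ok, ) = lib.delegatecall(msg.data);
        require(ok, "delegatecall failed");
    }
}

// Hardened library: initialisation is one-shot. A wallet using it must
// reserve slot 1 for the flag as well.
contract WalletLibraryFixed {
    address public owner;     // slot 0
    bool private initialised; // slot 1

    function initWallet(address _owner) external {
        require(!initialised, "already initialised");
        initialised = true;
        owner = _owner;
    }

    function kill() external {
        require(msg.sender == owner, "not owner");
        selfdestruct(payable(owner));
    }
}
```

Two things to check in a review of any such design: whether the fallback forwards selectors it should reject, and whether the library itself, deployed on its own with owner unset, can be initialised by a stranger. Note also that selfdestruct is deprecated and its semantics changed with the Cancun upgrade; the reachability of initWallet is the point, not the exact destruction behaviour.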


Exception disorder

Solidity's call primitives report failure differently: send and low-level call return false, while transfer and direct function calls revert. Code that mixes them, or ignores a boolean return value, can carry on after a failed transfer and leave balances inconsistent.


Gas limit

Every transaction is bounded by the block gas limit. A method whose cost grows with the contract's state (for example a loop over an unbounded array of recipients) eventually needs more gas than any single transaction can supply, so it can never complete and the funds it manages are stuck. An attacker can grow the state deliberately to trigger this.
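The exception disorder and gas limit items are usually found together in one piece of code, so a single added Solidity example covers both. It is not code from the page: a refund contract that pushes payments to every registered address in one loop (unbounded gas, and a send() whose return value is ignored), beside a pull-payment version with constant per-transaction cost and a checked return value. Names are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not production code. Vulnerable: refunds are pushed to
// every registered address in a single loop.
contract PushRefund {
    address[] public recipients;
    mapping(address => uint256) public owed;

    // Anyone can register (even with zero value), so anyone can grow the
    // array until refundAll() needs more gas than a block allows.
    function register() external payable {
        if (owed[msg.sender] == 0) {
            recipients.push(msg.sender);
        }
        owed[msg.sender] += msg.value;
    }

    function refundAll() external {
        for (uint256 i = 0; i < recipients.length; i++) {
            address r = recipients[i];
            uint256 amount = owed[r];
            owed[r] = 0;
            // send() forwards 2300 gas and returns false on failure instead
            // of reverting. Ignoring that return value means a recipient whose
            // receive() needs more gas silently loses its refund. Replacing it
            // with transfer() flips the failure mode: it reverts, so one
            // recipient that rejects Ether blocks the refund for everyone.
            payable(r).send(amount);
        }
    }
}

// Hardened: pull payments. Each recipient withdraws its own balance, so the
// cost per transaction is constant, the return value is checked, and one
// failing recipient cannot affect the others.
contract PullRefund {
    mapping(address => uint256) public owed;

    function register() external payable {
        owed[msg.sender] += msg.value;
    }

    function withdraw() external {
        uint256 amount = owed[msg.sender];
        require(amount > 0, "nothing owed");
        owed[msg.sender] = 0; // effect before interaction
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "refund failed");
    }
}
```

The rule we apply in audits follows from this example: never iterate over storage that an untrusted party can grow, and never discard the boolean returned by send or call.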