Hacked Smart Contracts (and how to avoid being the next one)
Millions of dollars worth of Eth have been stolen from smart contracts that launched with vulnerabilities. In this course, we’ll take a close, technical look at the bugs and how we can prevent them from happening to us.
“I think the DAO is getting drained right now” – was the quiet headline of a post at /r/ethereum - “Unfortunately, I am on a train to work, so [I] cannot investigate, but looks like a recursive call exploit of some kind.”
This “recursive call exploit”, resulted in the attacker controlling $50 million dollars worth of Ether out of about $150 million dollars worth that had originally been invested.
“Why,” you might be asking, “would people give control of $150 million dollars to a smart contract?” And what code did that attacker write that suddenly gave them control of $50 million dollars?"
That is exactly what we’re going to look at. First, let me tell you about what the DAO even was.
In 2016 a team had a revolutionary idea: that organizations could be decentralized.
For example, we can think of a business as an organization controlled by it’s founders and investors. The business takes labor and capital as inputs and, hopefully returns more capital to the investors than was put in.
The pitch for the DAO to act as a decentralized organization. The idea is you send money to the DAO and you’re given voting tokens.
Of course, the DAO can’t do anything on it’s own – it requires someone to perform actions such as writing code, designing, producing. The person who does the work is called the contractor.
If the contractor wants perform work for the DAO, they submit a proposal and the proposal is voted on by the token-holding members. If the proposal is accepted, Ether is transferred into the destination specified by the Contractor
Unlike centralized organizations which are often opaque, arbitrary, and controlled by a few, the DAO was supposed to be transparent, fair, and controlled directly by it’s token-holding members.
What was the bug?
But when I hear the story of the DAO I’d always wonder, what was the bug exactly. If the Ethereum EVM wasn’t the problem, then that means, the DAO bug had could be implemented again today on any of these platforms.
When I’m writing my smart contracts, how can I prevent such a bug from ever happening to me.
Well in these videos that’s what we’re going to cover. It turns out, the Solidity bugs in the DAO aren’t that difficult to understand, once you know what to look for.
There were several different code issues with the DAO. But there two main patterns that caused the downfall of the DAO that we’re going to look at. They’re called:
- re-entrancy and
- race to empty
I’m going to show you toy versions of these patterns, and we’ll discuss alternative, safer patterns that help us mitigate the unwanted behavior.
Hearing of all these attacks might make you think that Solidity programming impossibly insecure and smart contract security is a lost cause. While Ethereum is young, this kind of blanket statement not true.
If history is any lesson, many people thought the same thing about web programming. SQL injection attacks, cross-site-scripting, and cookie-hacking, for example, were widely exploited until the attacks became better known and now these are common patterns we defend against, almost without thinking about - Defense for SQL injection is built into basically every web framework.
Solidity is similar in that we’re in the early stages where some attacks are not necessarily well understood. Raising awareness of these attacks and teaching you to defend against them is the point of this series.