SlideShare a Scribd company logo

Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment

Simone Onofri
Simone Onofri

This presentation dives deep into the security of Ethereum Smart Contracts written in Solidity, shedding light on common vulnerabilities. Inspired by the newly released OWASP Blockchain Top 10, the presentation will focus on famous vulnerabilities by examples. After a brief introduction to Ethereum Blockchain and Solidity, the presentation will describe a systematic approach that includes source code analysis, dissecting real-world incidents, reverse-engineer the code of attacked contracts to reveal their inner workings, and use some vulnerable contracts to demonstrate these vulnerabilities interactively and engagingly, providing a practical understanding of issues such as Reentrancy, Arithmetic vulnerabilities, DoS attacks, and insecure randomness. This talk aims to equip developers, security analysts, and blockchain enthusiasts with the knowledge to build more secure smart contracts. By understanding these security risks, participants will be better prepared to anticipate, identify, and mitigate potential threats, fostering a safer web3 environment.

Technology
1 of 40
OWASP FOUNDATION ® Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment Simone Onofri OWASP Italy Day 2023 Politecnico of Milan - 11th September 2023
OWASP FOUNDATION owasp.org Introduction
Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
OWASP FOUNDATION owasp.org What are Smart Contracts? Are simply programs that runs on the Ethereum blockchain. It’s a collection of code (its functions) and data (its state) that resides at a specific address on the Ethereum blockchain. https://ethereum.org/en/developers/docs/smart-contracts/
OWASP FOUNDATION owasp.org How are Smart Contracts written? Turing-complete programming language that can be used to create “contracts” that can be used to encode arbitrary state transition functions [...]. The code in Ethereum contracts is written in a low-level, stack-based bytecode language, referred to as “Ethereum virtual machine code” or “EVM code”. The code consists of a series of bytes, where each byte represents an operation https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
OWASP FOUNDATION owasp.org What can be done with Smart Contracts? systems which automatically move digital assets according to arbitrary pre-specified rules. For example, one might have a treasury contract of the form "A can withdraw up to X currency units per day, B can withdraw up to Y per day, A and B together can withdraw anything, and A can shut off B's ability to withdraw". […] https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org What can be done with Smart Contracts? […] The logical extension of this is decentralized autonomous organizations (DAOs) - long-term smart contracts that contain the assets and encode the bylaws of an entire organization https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org Screenshot dell’attaccco
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org What are Blockchain characteristics and how do they impact security? ● Immutable: Transactions are irreversible, meaning they can’t be undone once an action has been taken. ● Public: Both contracts and transactions are publicly accessible through the blockchain. ● Deterministic: The execution of a smart contract must yield the same result on any node. ● Limited: Smart contracts cannot call upon external resources unless they use Oracles. ● Permissionless: Everyone can publish and interact with contracts.
Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org Vulnerable Contract 0x6060604052361561008a576000357c0100000000000000000000000000000000000000000000000000000000900480 63095ea7b3146100b857806318160ddd146100ed57806323b872dd146101105780632e1a7d4d1461014e57806370a082 311461017a578063a9059cbb146101a6578063d0e30db0146101db578063dd62ed3e146101fe5761008a565b6100a25b 6000610098610887565b905061009f565b90565b6040518082815260200191505060405180910390f35b6100d7600480 803590602001909190803590602001909190505061061a565b6040518082815260200191505060405180910390f35b61 00fa6004805050610757565b6040518082815260200191505060405180910390f35b6101386004808035906020019091 9080359060200190919080359060200190919050506103df565b6040518082815260200191505060405180910390f35b 610164600480803590602001909190505061077b565b6040518082815260200191505060405180910390f35b61019060 04808035906020019091905050610233565b6040518082815260200191505060405180910390f35b6101c56004808035 906020019091908035906020019091905050610271565b6040518082815260200191505060405180910390f35b6101e8 6004805050610887565b6040518082815260200191505060405180910390f35b61021d60048080359060200190919080 359060200190919050506106ee565b6040518082815260200191505060405180910390f35b6000600060005060008373 ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060005054905061026c565b9190 50565b600081600060005060003373ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160 00206000505410156102af57610002565b6102e8600060005060008573ffffffffffffffffffffffffffffffffffffff ff168152602001908152602001600020600050548361091f565b15156102f357610002565b81600060005060003373ff ffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008282825054039250508[…] https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179 Opcodes: 0x60: PUSH1 EVM opcode 0x60: The free memory pointer 0x60: PUSH1 EVM opcode 0x40: Memory position for the free memory pointer MSTORE : EVM opcode is 0x52
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org Decompiled withdraw function https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179
OWASP FOUNDATION owasp.org Attacker Contract by Nikolai Mushegian Decompiled https://etherscan.io/address/0x4AfB544Eb87265cF7Fc8fdB843c81d34F7E2A369
OWASP FOUNDATION owasp.org Attack Proof of Concept
OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org Vulnerable Contract
OWASP FOUNDATION owasp.org Integer Overflow and Underflow An integer overflow occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may wrap to become a very small or negative number. https://cwe.mitre.org/data/definitions/190.html
OWASP FOUNDATION owasp.org Increment uint8 (2^8-1) in Solidity 0+1=1 1+1=2 2+1=3 […] 253+1=254 254+1= 255 255 + 1 = 0
OWASP FOUNDATION owasp.org Attack Contract and PoC
OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
OWASP FOUNDATION owasp.org Abritrage CTF Admin has gifted you 5e18 Btokens on your birthday. Using A,B,C,D,E token pairs on swap contracts, increase your BTokens. Interface to Uniswap v2 https://quillctf.super.site/challenges/quillctf-x-quickswap/arbitrage
OWASP FOUNDATION owasp.org Vulnerability Description Arbitrage arises when price discrepancies exist across different markets, trading pairs or Liquidity Pools for the same asset. However, trading fees, gas fees, and slippage must be considered. To evaluate arbitrage opportunities it is possible to evaluate the indirect and circular trade “paths”, starting from B and ending with B when the exchange rate is calculated from the quantity of different tokens present in each pool. B -> A -> C -> B B -> A -> D -> B B -> A -> E -> B B -> C -> A -> B B -> C -> D -> B B -> C -> E -> B B -> D -> A -> B B -> D -> C -> B B -> D -> E -> B B -> E -> A -> B B -> E -> C -> B B -> E -> D -> B https://docs.uniswap.org/contracts/v2/concepts/core-concepts/pools
OWASP FOUNDATION owasp.org Attack Contract and PoC
Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
OWASP FOUNDATION owasp.org Conclusions Smart Contract security is a composite problem that can be derived from: • Programming issues (e.g., arithmetic vulnerabilities). • Features of the blockchain (e.g., access control, weak sources of randomness). • Feature of the Platform (e.g., reentrancy, time dependence, frontrunning). But the main point is to understand the Business Logic of the Smart Contract we’re auditing.
OWASP FOUNDATION owasp.org
OWASP FOUNDATION owasp.org Thank you to our sponsors
Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment

Recommended

White paper ALQO.pdf
White paper ALQO.pdfWhite paper ALQO.pdf
White paper ALQO.pdfPierreLaBauve
 
Vidulum Lite Paper
Vidulum Lite PaperVidulum Lite Paper
Vidulum Lite PaperJeremy Dixon
 
Which are the top Defi dashboards_.pdf
Which are the top Defi dashboards_.pdfWhich are the top Defi dashboards_.pdf
Which are the top Defi dashboards_.pdfManojkumar931671
 
Investing In Blockchain Startups - A Guide For Angels & VCs
Investing In Blockchain Startups - A Guide For Angels & VCs Investing In Blockchain Startups - A Guide For Angels & VCs
Investing In Blockchain Startups - A Guide For Angels & VCs Jamie Burke
 
2014 09-04-pj
2014 09-04-pj2014 09-04-pj
2014 09-04-pjSébastien GIORIA
 
OpenZeppelin Audit of Origin Dollar (OUSD)
OpenZeppelin Audit of Origin Dollar (OUSD)OpenZeppelin Audit of Origin Dollar (OUSD)
OpenZeppelin Audit of Origin Dollar (OUSD)Origin Protocol
 
Bitcoin Startup Landscape - Q2 2014
Bitcoin Startup Landscape - Q2 2014Bitcoin Startup Landscape - Q2 2014
Bitcoin Startup Landscape - Q2 2014Tracxn
 
Blockchain; how it works, and why you should care
Blockchain; how it works, and why you should careBlockchain; how it works, and why you should care
Blockchain; how it works, and why you should careVincent Olislagers
 

Recommended

White paper ALQO.pdf
White paper ALQO.pdfWhite paper ALQO.pdf
White paper ALQO.pdfPierreLaBauve
 
Vidulum Lite Paper
Vidulum Lite PaperVidulum Lite Paper
Vidulum Lite PaperJeremy Dixon
 
Which are the top Defi dashboards_.pdf
Which are the top Defi dashboards_.pdfWhich are the top Defi dashboards_.pdf
Which are the top Defi dashboards_.pdfManojkumar931671
 
Investing In Blockchain Startups - A Guide For Angels & VCs
Investing In Blockchain Startups - A Guide For Angels & VCs Investing In Blockchain Startups - A Guide For Angels & VCs
Investing In Blockchain Startups - A Guide For Angels & VCs Jamie Burke
 
2014 09-04-pj
2014 09-04-pj2014 09-04-pj
2014 09-04-pjSébastien GIORIA
 
OpenZeppelin Audit of Origin Dollar (OUSD)
OpenZeppelin Audit of Origin Dollar (OUSD)OpenZeppelin Audit of Origin Dollar (OUSD)
OpenZeppelin Audit of Origin Dollar (OUSD)Origin Protocol
 
Bitcoin Startup Landscape - Q2 2014
Bitcoin Startup Landscape - Q2 2014Bitcoin Startup Landscape - Q2 2014
Bitcoin Startup Landscape - Q2 2014Tracxn
 
Blockchain; how it works, and why you should care
Blockchain; how it works, and why you should careBlockchain; how it works, and why you should care
Blockchain; how it works, and why you should careVincent Olislagers
 
NOYS' Cash Cow Choices (CCC) slides
NOYS' Cash Cow Choices (CCC) slidesNOYS' Cash Cow Choices (CCC) slides
NOYS' Cash Cow Choices (CCC) slidesNOYS Research, Analysis and Business Intelligence
 
Intro to Web3
Intro to Web3Intro to Web3
Intro to Web3asasdasd5
 
Stellar for payments, money transfer & remittances
Stellar for payments, money transfer & remittancesStellar for payments, money transfer & remittances
Stellar for payments, money transfer & remittancesMark Vernon
 
Interledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainInterledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainAmazon Web Services
 
DefiRoboticsFinance
DefiRoboticsFinanceDefiRoboticsFinance
DefiRoboticsFinanceDefiRobotics
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
Light paper
Light paper Light paper
Light paper wijitha gayan
 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the BankerBohdan Szymanik
 
Zcash (ZEC) Analysis by Pugilist Ventures
Zcash (ZEC) Analysis by Pugilist VenturesZcash (ZEC) Analysis by Pugilist Ventures
Zcash (ZEC) Analysis by Pugilist VenturesChristopher Brookins
 
OpenCryptoTrust vision deck
OpenCryptoTrust vision deckOpenCryptoTrust vision deck
OpenCryptoTrust vision deckStuart G Hall (stuartgh)
 
Altverse Intro for Collaboration
Altverse Intro for CollaborationAltverse Intro for Collaboration
Altverse Intro for CollaborationAltverse
 
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...Alessa
 
Cardano(ADA).pptx
Cardano(ADA).pptxCardano(ADA).pptx
Cardano(ADA).pptxCfaLoganathan
 
Brochure invesco india - invesco coin shares global blockchain etf fund of ...
Brochure invesco india - invesco coin shares global blockchain etf fund of ...Brochure invesco india - invesco coin shares global blockchain etf fund of ...
Brochure invesco india - invesco coin shares global blockchain etf fund of ...Sumanas ---
 
Era Swap Token Whitepaper
Era Swap Token Whitepaper Era Swap Token Whitepaper
Era Swap Token Whitepaper eraswaptoken
 
What is Multisig? - Meetup #7 - 2022-12-08
What is Multisig? - Meetup #7 - 2022-12-08What is Multisig? - Meetup #7 - 2022-12-08
What is Multisig? - Meetup #7 - 2022-12-08RoundRockBitcoiners
 
BlockChain_Brochure
BlockChain_BrochureBlockChain_Brochure
BlockChain_BrochureThi Dang
 
DNS Security Threats and Solutions
DNS Security Threats and SolutionsDNS Security Threats and Solutions
DNS Security Threats and SolutionsInnoTech
 
Top 10 Ways To Make Money In Cryptocurrency.pdf
Top 10 Ways To Make Money In Cryptocurrency.pdfTop 10 Ways To Make Money In Cryptocurrency.pdf
Top 10 Ways To Make Money In Cryptocurrency.pdfDigital Coin
 
Introducing SciaaS @ Sanger
Introducing SciaaS @ SangerIntroducing SciaaS @ Sanger
Introducing SciaaS @ SangerPeter Clapham
 
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Simone Onofri
 
Attacking IoT Devices from a Web Perspective - Linux Day
Attacking IoT Devices from a Web Perspective - Linux Day Attacking IoT Devices from a Web Perspective - Linux Day
Attacking IoT Devices from a Web Perspective - Linux Day Simone Onofri
 

More Related Content

Similar to Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment

Intro to Web3
Intro to Web3Intro to Web3
Intro to Web3asasdasd5
 
Stellar for payments, money transfer & remittances
Stellar for payments, money transfer & remittancesStellar for payments, money transfer & remittances
Stellar for payments, money transfer & remittancesMark Vernon
 
Interledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainInterledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainAmazon Web Services
 
DefiRoboticsFinance
DefiRoboticsFinanceDefiRoboticsFinance
DefiRoboticsFinanceDefiRobotics
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the BankerBohdan Szymanik
 
Zcash (ZEC) Analysis by Pugilist Ventures
Zcash (ZEC) Analysis by Pugilist VenturesZcash (ZEC) Analysis by Pugilist Ventures
Zcash (ZEC) Analysis by Pugilist VenturesChristopher Brookins
 
Altverse Intro for Collaboration
Altverse Intro for CollaborationAltverse Intro for Collaboration
Altverse Intro for CollaborationAltverse
 
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...Alessa
 
Brochure invesco india - invesco coin shares global blockchain etf fund of ...
Brochure invesco india - invesco coin shares global blockchain etf fund of ...Brochure invesco india - invesco coin shares global blockchain etf fund of ...
Brochure invesco india - invesco coin shares global blockchain etf fund of ...Sumanas ---
 
Era Swap Token Whitepaper
Era Swap Token Whitepaper Era Swap Token Whitepaper
Era Swap Token Whitepaper eraswaptoken
 
What is Multisig? - Meetup #7 - 2022-12-08
What is Multisig? - Meetup #7 - 2022-12-08What is Multisig? - Meetup #7 - 2022-12-08
What is Multisig? - Meetup #7 - 2022-12-08RoundRockBitcoiners
 
BlockChain_Brochure
BlockChain_BrochureBlockChain_Brochure
BlockChain_BrochureThi Dang
 
DNS Security Threats and Solutions
DNS Security Threats and SolutionsDNS Security Threats and Solutions
DNS Security Threats and SolutionsInnoTech
 
Top 10 Ways To Make Money In Cryptocurrency.pdf
Top 10 Ways To Make Money In Cryptocurrency.pdfTop 10 Ways To Make Money In Cryptocurrency.pdf
Top 10 Ways To Make Money In Cryptocurrency.pdfDigital Coin
 
Introducing SciaaS @ Sanger
Introducing SciaaS @ SangerIntroducing SciaaS @ Sanger
Introducing SciaaS @ SangerPeter Clapham
 

Similar to Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment (20)

NOYS' Cash Cow Choices (CCC) slides
NOYS' Cash Cow Choices (CCC) slidesNOYS' Cash Cow Choices (CCC) slides
NOYS' Cash Cow Choices (CCC) slides
 
Intro to Web3
Intro to Web3Intro to Web3
Intro to Web3
 
Stellar for payments, money transfer & remittances
Stellar for payments, money transfer & remittancesStellar for payments, money transfer & remittances
Stellar for payments, money transfer & remittances
 
Interledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed BlockchainInterledger DvP Settlement on Amazon Managed Blockchain
Interledger DvP Settlement on Amazon Managed Blockchain
 
DefiRoboticsFinance
DefiRoboticsFinanceDefiRoboticsFinance
DefiRoboticsFinance
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
Light paper
Light paper Light paper
Light paper
 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the Banker
 
Zcash (ZEC) Analysis by Pugilist Ventures
Zcash (ZEC) Analysis by Pugilist VenturesZcash (ZEC) Analysis by Pugilist Ventures
Zcash (ZEC) Analysis by Pugilist Ventures
 
OpenCryptoTrust vision deck
OpenCryptoTrust vision deckOpenCryptoTrust vision deck
OpenCryptoTrust vision deck
 
Altverse Intro for Collaboration
Altverse Intro for CollaborationAltverse Intro for Collaboration
Altverse Intro for Collaboration
 
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
A Regulatory Understanding of Virtual Assets (Cryptocurrency) Types and their...
 
Cardano(ADA).pptx
Cardano(ADA).pptxCardano(ADA).pptx
Cardano(ADA).pptx
 
Brochure invesco india - invesco coin shares global blockchain etf fund of ...
Brochure invesco india - invesco coin shares global blockchain etf fund of ...Brochure invesco india - invesco coin shares global blockchain etf fund of ...
Brochure invesco india - invesco coin shares global blockchain etf fund of ...
 
Era Swap Token Whitepaper
Era Swap Token Whitepaper Era Swap Token Whitepaper
Era Swap Token Whitepaper
 
What is Multisig? - Meetup #7 - 2022-12-08
What is Multisig? - Meetup #7 - 2022-12-08What is Multisig? - Meetup #7 - 2022-12-08
What is Multisig? - Meetup #7 - 2022-12-08
 
BlockChain_Brochure
BlockChain_BrochureBlockChain_Brochure
BlockChain_Brochure
 
DNS Security Threats and Solutions
DNS Security Threats and SolutionsDNS Security Threats and Solutions
DNS Security Threats and Solutions
 
Top 10 Ways To Make Money In Cryptocurrency.pdf
Top 10 Ways To Make Money In Cryptocurrency.pdfTop 10 Ways To Make Money In Cryptocurrency.pdf
Top 10 Ways To Make Money In Cryptocurrency.pdf
 
Introducing SciaaS @ Sanger
Introducing SciaaS @ SangerIntroducing SciaaS @ Sanger
Introducing SciaaS @ Sanger
 

More from Simone Onofri

Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Simone Onofri
 
Attacking IoT Devices from a Web Perspective - Linux Day
Attacking IoT Devices from a Web Perspective - Linux Day Attacking IoT Devices from a Web Perspective - Linux Day
Attacking IoT Devices from a Web Perspective - Linux Day Simone Onofri
 
Linux Day 2018 Roma - Web Application Penetration Test (WAPT) con Linux
Linux Day 2018 Roma - Web Application Penetration Test (WAPT) con LinuxLinux Day 2018 Roma - Web Application Penetration Test (WAPT) con Linux
Linux Day 2018 Roma - Web Application Penetration Test (WAPT) con LinuxSimone Onofri
 
Agile Lean Conference 2017 - Leadership e facilitazione
Agile Lean Conference 2017 - Leadership e facilitazioneAgile Lean Conference 2017 - Leadership e facilitazione
Agile Lean Conference 2017 - Leadership e facilitazioneSimone Onofri
 
Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...
Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...
Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...Simone Onofri
 
Agile Project Framework
Agile Project FrameworkAgile Project Framework
Agile Project FrameworkSimone Onofri
 
Agile nei servizi di cyber security (Security Summit Edition)
Agile nei servizi di cyber security (Security Summit Edition)Agile nei servizi di cyber security (Security Summit Edition)
Agile nei servizi di cyber security (Security Summit Edition)Simone Onofri
 
Security Project Management - Agile nei servizi di Cyber Security
Security Project Management - Agile nei servizi di Cyber SecuritySecurity Project Management - Agile nei servizi di Cyber Security
Security Project Management - Agile nei servizi di Cyber SecuritySimone Onofri
 
Cyber Defense - How to find and manage zero-days
Cyber Defense - How to find and manage zero-days Cyber Defense - How to find and manage zero-days
Cyber Defense - How to find and manage zero-days Simone Onofri
 
Cyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APTCyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APTSimone Onofri
 
ISACA - Gestire progetti di Ethical Hacking secondo le best practices
ISACA - Gestire progetti di Ethical Hacking secondo le best practicesISACA - Gestire progetti di Ethical Hacking secondo le best practices
ISACA - Gestire progetti di Ethical Hacking secondo le best practicesSimone Onofri
 
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...Simone Onofri
 
Mamma, da grande voglio essere un Penetration Tester HackInBo 2016 Winter
Mamma, da grande voglio essere un Penetration Tester HackInBo 2016 WinterMamma, da grande voglio essere un Penetration Tester HackInBo 2016 Winter
Mamma, da grande voglio essere un Penetration Tester HackInBo 2016 WinterSimone Onofri
 
Penetration Testing con Python - Network Sniffer
Penetration Testing con Python - Network SnifferPenetration Testing con Python - Network Sniffer
Penetration Testing con Python - Network SnifferSimone Onofri
 
Agile e Lean Management
Agile e Lean Management Agile e Lean Management
Agile e Lean ManagementSimone Onofri
 
Nuove minacce nella Cyber Security, come proteggersi
Nuove minacce nella Cyber Security, come proteggersiNuove minacce nella Cyber Security, come proteggersi
Nuove minacce nella Cyber Security, come proteggersiSimone Onofri
 
Hackers vs Developers - Cross Site Scripting (XSS) Attacco e difesa
Hackers vs Developers - Cross Site Scripting (XSS) Attacco e difesaHackers vs Developers - Cross Site Scripting (XSS) Attacco e difesa
Hackers vs Developers - Cross Site Scripting (XSS) Attacco e difesaSimone Onofri
 
Agile Lean Management - MoSCoW, Timeboxing e Kanban
Agile Lean Management - MoSCoW, Timeboxing e KanbanAgile Lean Management - MoSCoW, Timeboxing e Kanban
Agile Lean Management - MoSCoW, Timeboxing e KanbanSimone Onofri
 
Agile lean conference - Agile, Lean & Business
Agile lean conference - Agile, Lean & BusinessAgile lean conference - Agile, Lean & Business
Agile lean conference - Agile, Lean & BusinessSimone Onofri
 

More from Simone Onofri (20)

Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
Attacking and Exploiting Ethereum Smart Contracts: Auditing 101
 
Attacking IoT Devices from a Web Perspective - Linux Day
Attacking IoT Devices from a Web Perspective - Linux Day Attacking IoT Devices from a Web Perspective - Linux Day
Attacking IoT Devices from a Web Perspective - Linux Day
 
Linux Day 2018 Roma - Web Application Penetration Test (WAPT) con Linux
Linux Day 2018 Roma - Web Application Penetration Test (WAPT) con LinuxLinux Day 2018 Roma - Web Application Penetration Test (WAPT) con Linux
Linux Day 2018 Roma - Web Application Penetration Test (WAPT) con Linux
 
Agile Lean Conference 2017 - Leadership e facilitazione
Agile Lean Conference 2017 - Leadership e facilitazioneAgile Lean Conference 2017 - Leadership e facilitazione
Agile Lean Conference 2017 - Leadership e facilitazione
 
Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...
Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...
Agile Business Consortium - LEGO SERIOUS PLAY e i Principi di Agile Project M...
 
Agile Project Framework
Agile Project FrameworkAgile Project Framework
Agile Project Framework
 
Agile nei servizi di cyber security (Security Summit Edition)
Agile nei servizi di cyber security (Security Summit Edition)Agile nei servizi di cyber security (Security Summit Edition)
Agile nei servizi di cyber security (Security Summit Edition)
 
Security Project Management - Agile nei servizi di Cyber Security
Security Project Management - Agile nei servizi di Cyber SecuritySecurity Project Management - Agile nei servizi di Cyber Security
Security Project Management - Agile nei servizi di Cyber Security
 
Cyber Defense - How to find and manage zero-days
Cyber Defense - How to find and manage zero-days Cyber Defense - How to find and manage zero-days
Cyber Defense - How to find and manage zero-days
 
Cyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APTCyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APT
 
ISACA - Gestire progetti di Ethical Hacking secondo le best practices
ISACA - Gestire progetti di Ethical Hacking secondo le best practicesISACA - Gestire progetti di Ethical Hacking secondo le best practices
ISACA - Gestire progetti di Ethical Hacking secondo le best practices
 
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
 
Mamma, da grande voglio essere un Penetration Tester HackInBo 2016 Winter
Mamma, da grande voglio essere un Penetration Tester HackInBo 2016 WinterMamma, da grande voglio essere un Penetration Tester HackInBo 2016 Winter
Mamma, da grande voglio essere un Penetration Tester HackInBo 2016 Winter
 
Penetration Testing con Python - Network Sniffer
Penetration Testing con Python - Network SnifferPenetration Testing con Python - Network Sniffer
Penetration Testing con Python - Network Sniffer
 
ORM Injection
ORM InjectionORM Injection
ORM Injection
 
Agile e Lean Management
Agile e Lean Management Agile e Lean Management
Agile e Lean Management
 
Nuove minacce nella Cyber Security, come proteggersi
Nuove minacce nella Cyber Security, come proteggersiNuove minacce nella Cyber Security, come proteggersi
Nuove minacce nella Cyber Security, come proteggersi
 
Hackers vs Developers - Cross Site Scripting (XSS) Attacco e difesa
Hackers vs Developers - Cross Site Scripting (XSS) Attacco e difesaHackers vs Developers - Cross Site Scripting (XSS) Attacco e difesa
Hackers vs Developers - Cross Site Scripting (XSS) Attacco e difesa
 
Agile Lean Management - MoSCoW, Timeboxing e Kanban
Agile Lean Management - MoSCoW, Timeboxing e KanbanAgile Lean Management - MoSCoW, Timeboxing e Kanban
Agile Lean Management - MoSCoW, Timeboxing e Kanban
 
Agile lean conference - Agile, Lean & Business
Agile lean conference - Agile, Lean & BusinessAgile lean conference - Agile, Lean & Business
Agile lean conference - Agile, Lean & Business
 

Recently uploaded

Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...caitlingebhard1
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceIES VE
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityVictorSzoltysek
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 

Recently uploaded (20)

Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 

Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment

  • 1. OWASP FOUNDATION ® Attacking Ethereum Smart Contracts a deep dive after ~9 years of deployment Simone Onofri OWASP Italy Day 2023 Politecnico of Milan - 11th September 2023
  • 3. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
  • 4. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
  • 5. OWASP FOUNDATION owasp.org What are Smart Contracts? Are simply programs that runs on the Ethereum blockchain. It’s a collection of code (its functions) and data (its state) that resides at a specific address on the Ethereum blockchain. https://ethereum.org/en/developers/docs/smart-contracts/
  • 6. OWASP FOUNDATION owasp.org How are Smart Contracts written? Turing-complete programming language that can be used to create “contracts” that can be used to encode arbitrary state transition functions [...]. The code in Ethereum contracts is written in a low-level, stack-based bytecode language, referred to as “Ethereum virtual machine code” or “EVM code”. The code consists of a series of bytes, where each byte represents an operation https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
  • 7. OWASP FOUNDATION owasp.org What can be done with Smart Contracts? systems which automatically move digital assets according to arbitrary pre-specified rules. For example, one might have a treasury contract of the form "A can withdraw up to X currency units per day, B can withdraw up to Y per day, A and B together can withdraw anything, and A can shut off B's ability to withdraw". […] https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
  • 10. OWASP FOUNDATION owasp.org What can be done with Smart Contracts? […] The logical extension of this is decentralized autonomous organizations (DAOs) - long-term smart contracts that contain the assets and encode the bylaws of an entire organization https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf
  • 15. OWASP FOUNDATION owasp.org What are Blockchain characteristics and how do they impact security? ● Immutable: Transactions are irreversible, meaning they can’t be undone once an action has been taken. ● Public: Both contracts and transactions are publicly accessible through the blockchain. ● Deterministic: The execution of a smart contract must yield the same result on any node. ● Limited: Smart contracts cannot call upon external resources unless they use Oracles. ● Permissionless: Everyone can publish and interact with contracts.
  • 16. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
  • 17. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
  • 18. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
  • 20. OWASP FOUNDATION owasp.org Vulnerable Contract 0x6060604052361561008a576000357c0100000000000000000000000000000000000000000000000000000000900480 63095ea7b3146100b857806318160ddd146100ed57806323b872dd146101105780632e1a7d4d1461014e57806370a082 311461017a578063a9059cbb146101a6578063d0e30db0146101db578063dd62ed3e146101fe5761008a565b6100a25b 6000610098610887565b905061009f565b90565b6040518082815260200191505060405180910390f35b6100d7600480 803590602001909190803590602001909190505061061a565b6040518082815260200191505060405180910390f35b61 00fa6004805050610757565b6040518082815260200191505060405180910390f35b6101386004808035906020019091 9080359060200190919080359060200190919050506103df565b6040518082815260200191505060405180910390f35b 610164600480803590602001909190505061077b565b6040518082815260200191505060405180910390f35b61019060 04808035906020019091905050610233565b6040518082815260200191505060405180910390f35b6101c56004808035 906020019091908035906020019091905050610271565b6040518082815260200191505060405180910390f35b6101e8 6004805050610887565b6040518082815260200191505060405180910390f35b61021d60048080359060200190919080 359060200190919050506106ee565b6040518082815260200191505060405180910390f35b6000600060005060008373 ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060005054905061026c565b9190 50565b600081600060005060003373ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160 00206000505410156102af57610002565b6102e8600060005060008573ffffffffffffffffffffffffffffffffffffff ff168152602001908152602001600020600050548361091f565b15156102f357610002565b81600060005060003373ff ffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008282825054039250508[…] https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179 Opcodes: 0x60: PUSH1 EVM opcode 0x60: The free memory pointer 0x60: PUSH1 EVM opcode 0x40: Memory position for the free memory pointer MSTORE : EVM opcode is 0x52
  • 22. OWASP FOUNDATION owasp.org Decompiled withdraw function https://etherscan.io/address/0xd654bDD32FC99471455e86C2E7f7D7b6437e9179
  • 23. OWASP FOUNDATION owasp.org Attacker Contract by Nikolai Mushegian Decompiled https://etherscan.io/address/0x4AfB544Eb87265cF7Fc8fdB843c81d34F7E2A369
  • 25. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
  • 29. OWASP FOUNDATION owasp.org Integer Overflow and Underflow An integer overflow occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may wrap to become a very small or negative number. https://cwe.mitre.org/data/definitions/190.html
  • 30. OWASP FOUNDATION owasp.org Increment uint8 (2^8-1) in Solidity 0+1=1 1+1=2 2+1=3 […] 253+1=254 254+1= 255 255 + 1 = 0
  • 32. OWASP FOUNDATION owasp.org OWASP Smart Contract Top 10 (2023) • Reentrancy Attacks • Integer Overflow and Underflow • Timestamp Dependence • Access Control Vulnerabilities • Front-running Attacks • Denial of Service (DoS) Attacks • Logic Errors • Insecure Randomness • Gas Limit Vulnerabilities • Unchecked External Calls
  • 33. OWASP FOUNDATION owasp.org Abritrage CTF Admin has gifted you 5e18 Btokens on your birthday. Using A,B,C,D,E token pairs on swap contracts, increase your BTokens. Interface to Uniswap v2 https://quillctf.super.site/challenges/quillctf-x-quickswap/arbitrage
  • 34. OWASP FOUNDATION owasp.org Vulnerability Description Arbitrage arises when price discrepancies exist across different markets, trading pairs or Liquidity Pools for the same asset. However, trading fees, gas fees, and slippage must be considered. To evaluate arbitrage opportunities it is possible to evaluate the indirect and circular trade “paths”, starting from B and ending with B when the exchange rate is calculated from the quantity of different tokens present in each pool. B -> A -> C -> B B -> A -> D -> B B -> A -> E -> B B -> C -> A -> B B -> C -> D -> B B -> C -> E -> B B -> D -> A -> B B -> D -> C -> B B -> D -> E -> B B -> E -> A -> B B -> E -> C -> B B -> E -> D -> B https://docs.uniswap.org/contracts/v2/concepts/core-concepts/pools
  • 36. Open: Everything at OWASP is radically transparent from our finances to our code. Innovative: We encourage and support innovation and experiments for solutions to software security challenges. Global: Anyone around the world is encouraged to participate in the OWASP community. Integrity: Our community is respectful, supportive, truthful, and vendor neutral OWASP FOUNDATION owasp.org • What are Smart Contracts? • What are the most common vulnerabilities? • Conclusions Agenda
  • 37. OWASP FOUNDATION owasp.org Conclusions Smart Contract security is a composite problem that can be derived from: • Programming issues (e.g., arithmetic vulnerabilities). • Features of the blockchain (e.g., access control, weak sources of randomness). • Feature of the Platform (e.g., reentrancy, time dependence, frontrunning). But the main point is to understand the Business Logic of the Smart Contract we’re auditing.
  • 39. OWASP FOUNDATION owasp.org Thank you to our sponsors