The document discusses various aspects of Ethereum smart contracts, including notable security vulnerabilities and attacks on the network, such as the DAO hack and parity wallet breaches. It provides insights into coding practices, prevention strategies, and tools for auditing and testing smart contracts. Additionally, it highlights the necessity of thorough testing and monitoring to prevent exploits in blockchain technologies.

1. General enough text that is displayed usually
on the first slide

2. Attacks
by Marcin Majchrzak
on Smart Contracts

3. Disclaimer
Quality over Quantity

4. Cheats
Invisible Cheatsheet:
- This slide is empty
- You can not see it
- But I can ♥

5. Disclaimer
Mainly on Eth
%
//%%
///%%%
////%%%%
/////%%%%%
//////%%%%%%
///////%%%%%%%
////////%%%%%%%%
/////////%%%%%%%%%
//////////%%%%%%%%%%
///////////%%%%%%%%%%%
////////////%%%%%%%%%%%%
///////////%%&@@%%%%%%%%%%
////////%%%%%%&@@@@@@%%%%%%%
/////%%%%%%%%%%&@@@@@@@@@@%%%%
/%%%%%%%%%%%%%%%&@@@@@@@@@@@@@@%
/%%%%%%%%%%%%%%%%&@@@@@@@@@@@@@@@@
%%%%%%%%%%%%%%%%%&@@@@@@@@@@@@@@@@@
%%%%%%%%%%%%%&@@@@@@@@@@@@@
/ %%%%%%%%%&@@@@@@@@@ %
/// %%%%%%&@@@@@@ %%%
////// %%%&@@@ %%%%%%
/////// * %%%%%%%
///////// %%%%%%%%%
///////////#%%%%%%%%%%%
/////////#%%%%%%%%%
////////#%%%%%%%%
///////#%%%%%%%
/////#%%%%%
////#%%%%
//#%%
/#%

6. The Scale of Attacks
Hacker stole 3.6 million Ether
($50 million) - DAO
Hacker stole 150k Ether
($30 million) - Parity
Attackers stole 50k Ether
($7 million) - Coindash
Attackers stole $8.4 million
in tokens - Veritaseum
Thief stole 25k Ether
($13 million) - Bancor
Millions

7. About Ethereum
If you know the enemy and know yourself,
you will win a hundred of battles.
Sun Tzu, The Art of War

8. Solidity
About Ethereum
Invisible Cheatsheet:
- Statically typed
- Inheritance
- C++, Python, JS

9. About Ethereum
Bytecode
606060409081526002805460a060020a60ff02191690556101c090519081016040908152603c825260
78602083015261012c9082015261025860608201526107086080820152610e1060a0820152611c2060
c082015261384060e082015261708061010082015261e1006101208201526201518061014082015262
02a3006101608201526205460061018082015262093a806101a0820152620000a790600390600e6200
04e4565b50600f60055566071afd498d0000600e553415620000c457600080fd5b6002805460008054
600160a060020a033316600160a060020a03199182168117835560a060020a60ff0219909316740100
0000000000000000000000000000000000000017169091179091556200012f90808060001981640100
000000620028f06200013682021704565b5062000649565b6000806200014362000587565b600063ff
ffffff891689146200015857600080fd5b63ffffffff881688146200016b57600080fd5b61ffff8716
87146200017c57600080fd5b600287049250600d8361ffff1611156200019557600d92505b61010060
405190810160409081528782526001604060020a0342166020830152600090820181905263ffffffff
808c1660608401528a16608083015260a082015261ffff80851660c0830152881660e0820152600680
54919350600191808301620002018382620005cb565b60009283526020909220859160020201815181
55602082015160018201805467ffffffffffffffff19166001604060020a0392909216919091179055
60408201518160010160086101000a8154816001604060020a0302191690836001604060020a031602
1790555060608201518160010160106101000a81548163ffffffff021916908363ffffffff16021790
555060808201518160010160146101000a81548163ffffffff021916908363ffffffff160217905550
60a08201518160010160186101000a81548163ffffffff021916908363ffffffff16021790555060c0
82015181600101601c6101000a81548161ffff021916908361ffff16021790555060e0820151600190
9101805461ffff929092167e0100000000000000000000000000000000000000000000000000000000
000002600160f060020a039092169190911790555003905063ffffffff811681146200035e57600080
fd5b7f0a5311bd2a6608f08a180df2ee7c5946819a649b204b554bb8e39825b2c50ad5858284606001
5163ffffffff16856080015163ffffffff168651604051600160a060020a0390951685526020850193
9093526040808501929092526060840152608083019190915260a0909101905180910390a1620003ef
60008683640100000000620025e0620003fb82021704565b98975050505050505050565b600160a060
Invisible Cheatsheet:
- Solc
- Vyper
- Serpent
- LLL

10. About Ethereum
Assembly
PUSH1 0x60
PUSH1 0x40
MSTORE
PUSH1 0x04
CALLDATASIZE
LT
PUSH2 0x02a5
JUMPI
PUSH4 0xffffffff
PUSH1 0xe0
PUSH1 0x02
EXP
PUSH1 0x00
CALLDATALOAD
DIV
AND
PUSH4 0x01ffc9a7
DUP2
EQ
PUSH2 0x02dd
JUMPI
DUP1
PUSH4 0x0519ce79
EQ
PUSH2 0x0329Invisible Cheatsheet:
- Opcodes

11. About Ethereum
Disassembly
PUSH1 0x60
PUSH1 0x40
MSTORE
PUSH1 0x04
CALLDATASIZE
LT
PUSH2 0x02a5
JUMPI
PUSH4 0xffffffff
PUSH1 0xe0
PUSH1 0x02
EXP
PUSH1 0x00
CALLDATALOAD
DIV
AND
PUSH4 0x01ffc9a7
DUP2
EQ
PUSH2 0x02dd
JUMPI
DUP1
PUSH4 0x0519ce79
EQ
PUSH2 0x0329
Invisible Cheatsheet:
- EVMDis
- Binary Ninja
- Searching for Vulns

12. About Ethereum
EVM
PUSH1 0x60
PUSH1 0x40
MSTORE
PUSH1 0x04
CALLDATASIZE
LT
PUSH2 0x02a5
JUMPI
PUSH4 0xffffffff
PUSH1 0xe0
PUSH1 0x02
EXP
PUSH1 0x00
CALLDATALOAD
DIV
AND
PUSH4 0x01ffc9a7
DUP2
EQ
PUSH2 0x02dd
JUMPI
DUP1
PUSH4 0x0519ce79
EQ
PUSH2 0x0329
Invisible Cheatsheet:
- Too broad
- Stack
- Memory
- Storage

13. About Ethereum
Blockchain
PUSH1 0x60
PUSH1 0x40
MSTORE
PUSH1 0x04
CALLDATASIZE
LT
PUSH2 0x02a5
JUMPI
PUSH4 0xffffffff
PUSH1 0xe0
PUSH1 0x02
EXP
PUSH1 0x00
CALLDATALOAD
DIV
AND
PUSH4 0x01ffc9a7
DUP2
EQ
PUSH2 0x02dd
JUMPI
DUP1
PUSH4 0x0519ce79
EQ
PUSH2 0x0329
Invisible Cheatsheet:
- Too broad
- Running EVM
- Transactions

14. About Ethereum
Transaction
Invisible Cheatsheet:
- Code in data
- Input to contracts

15. About Ethereum
Python implementations
Client: https://github.com/
ethereum/pyethapp
Core: https://github.com/
ethereum/pyethereum
VM: https://github.com/
ethereum/py-evm

16. Biggest Attacks

17. Biggest Attacks
17 June 2006 - the attacker drained 3.5M ETH (~$50M) from the DAO smart contract,
collected in an ICO a month earlier. The DAO hack occurred after the token sale had
already ended.
The DAO
Attack happened due to a recursive calling vulnerability. The attacker withdrew Ether from The
DAO smart contract multiple times using the same DAO Tokens.
Facts
The DAO has 663 lines of code. Statistics show, that there are up to 15–50 bugs
per 1000 lines of code. Although extensive testing and auditing can significantly
reduce this number, it is very hard to bring it down to 0.

18. Biggest Attacks
The DAO
Actual Code
Invisible Cheatsheet:
- Calc funds
- Send funds
- Event
- Update last

19. Biggest Attacks
The DAO
Simplified
Invisible Cheatsheet:
- Calc funds
- Send funds
- Update last

20. Biggest Attacks
The DAO
Attacker
Invisible Cheatsheet:
- Interface
- Withdraw
- Fallback

21. Biggest Attacks
The DAO
Flow
Attacker Victim

22. Biggest Attacks
The DAO
Flow
Attacker Victim

23. Biggest Attacks
The DAO
Flow
Attacker Victim

24. Biggest Attacks
The DAO
Flow
Attacker Victim

25. Biggest Attacks
The DAO
Flow
Attacker Victim

26. Biggest Attacks
The DAO
Bug
Reentrancy

27. Biggest Attacks
The DAO
Solution
https://github.com/
OpenZeppelin/openzeppelin-solidity/
blob/master/
contracts/utils/ReentrancyGuard.sol

28. Biggest Attacks
The DAO
Prevention
Invisible Cheatsheet:
- Guard counter
- Code execution
- Comparing counter

29. Biggest Attacks
The DAO
Example
Invisible Cheatsheet:
- Modifier
- Calc funds
- Send funds
- Update

30. Biggest Attacks
The DAO
Flow
Attacker Victim

31. Biggest Attacks
The DAO
Flow
Attacker Victim
Invisible Cheatsheet:
- localCounter = 1
- _guardCounter = 1

32. Biggest Attacks
The DAO
Flow
Attacker Victim
Invisible Cheatsheet:
- localCounter = 1
- _guardCounter = 1
Invisible Cheatsheet:
- localCounter = 2
- _guardCounter = 2

33. Biggest Attacks
The DAO
Flow
Attacker Victim
Invisible Cheatsheet:
- localCounter = 1
- _guardCounter = 1
Invisible Cheatsheet:
- localCounter = 2
- _guardCounter = 2

34. Biggest Attacks
The DAO
Flow
Attacker Victim
Invisible Cheatsheet:
- localCounter = 1
- _guardCounter = 1
Invisible Cheatsheet:
- localCounter = 2
- _guardCounter = 2

35. Biggest Attacks
The DAO
Flow
Attacker Victim
Invisible Cheatsheet:
- localCounter = 1
- _guardCounter = 1
Invisible Cheatsheet:
- localCounter = 2
- _guardCounter = 2

36. Biggest Attacks
The DAO
Flow
Attacker Victim
Invisible Cheatsheet:
- localCounter = 1
- _guardCounter = 1
Invisible Cheatsheet:
- localCounter = 2
- _guardCounter = 2
Invisible Cheatsheet:
- localCounter = 2
- _guardCounter = 3

37. Biggest Attacks
The DAO
After the DAO
Hard Fork
Invisible Cheatsheet:
- Recover DAO funds
- Partially agree
- Partially disagree
- Division

38. Biggest Attacks
The DAO
Consequences

39. Biggest Attacks
19 July 2017 - bug found in the multi-signature wallet code used as part of Parity
Wallet software was exploited and 150k ETH (~$30M) was stolen.
Parity
6 November 2017 - vulnerability in the smart contract code was exploited and
more than 500k ETH (~$150M) was frozen.
Facts
5 June 2018 - 3rd security alert had place for Parity regarding potential consensus issue.
However this time there were no casualties.

40. Biggest Attacks
Actual Code
Parity
Invisible Cheatsheet:
- Library init
- Library kill
- Wallet lib ref
- Wallet fallback
- No visibility on init

41. Biggest Attacks
Simplified
Parity
Invisible Cheatsheet:
- How Lib work
- In general

42. Biggest Attacks
Delegate Call
Parity
Invisible Cheatsheet:
- isOwner

43. Biggest Attacks
Fallback
Parity
Invisible Cheatsheet:
- Fallback

44. Biggest Attacks
Delegate Call + Fallback
Parity
Invisible Cheatsheet:
- Combo attack

45. Biggest Attacks
Freezing Funds
Parity
Invisible Cheatsheet:
- Accidentally
- Playing
- Learning

46. Biggest Attacks
Parity
Meme
“I accidentally killed it”
- devops199
¯_(ツ)_/¯

47. Biggest Attacks
Parity
Bug
Access Control

48. Biggest Attacks
Prevention
Careful with Delegate Call
Careful with Fallback
Avoid combination of both
Parity

49. Funny Attacks

50. Funny Attacks
King of the Ether
The “King of the Ether Throne” is a game where players compete
for acquiring the title of “King of the Ether”.
Facts
If someone wishes to be the king, he must pay some ether to the current king,
plus a small fee to the contract.

51. King of the Ether
Actual Code
Funny Attacks
Invisible Cheatsheet:
- Simple enough
- King
- Fallback
- Send Ether blindly

52. Attacker
Invisible Cheatsheet:
- Interface
- Withdraw
- Fallback
- Not payable
- Code (2300 gas)
- Using transfer fails
King of the Ether
Funny Attacks

53. Bug
Unchecked Low Level Calls
King of the Ether
Funny Attacks

54. Prevention
Do not trust Receiver
Remember about default 2300 gas
User transfer or check send result
King of the Ether
Funny Attacks

55. Constructors are special functions which often perform critical,
privileged tasks when initialising contracts.
Rubixi
Before solidity v0.4.22 constructors were defined as functions
that had the same name as the contract that contained them.
Facts
Funny Attacks

56. Genesis
Rubixi
Funny Attacks

57. Typo
Rubixi
Funny Attacks

58. Rubixi
Bug
Access Control
Funny Attacks
Invisible Cheatsheet:
- Same in Parity

59. Rubixi
Prevention
Funny Attacks

60. Shortly on Exploits

61. More Exploits
Block Manipulation
Invisible Cheatsheet:
- now == block.timestamp
- Miner abusements

62. More Exploits
Front Running
HonestUser finds solution.
HonestUser sends transaction with default gas fee.
Attacker listens for HonestUser transaction.
Attacker sends copy of HonestUser transaction with
higher gas fee.
Invisible Cheatsheet:
- Mining races

63. More Exploits
Over/Under Flows
Invisible Cheatsheet:
- balances[msg.sender] = 0
- _amount = 1
- Difference = 2**256 - 1

64. Old Exploits
Call Depth Attack
Call depth attack makes an external call to fail
because it exceeds the maximum call stack of 1024.
Invisible Cheatsheet:
- Issues handling exceptions
- It is solved

65. Old Exploits
Call Depth Attack
https://github.com/
ethereum/EIPs/
blob/master/
EIPS/eip-150.md

66. Prepare for Failure
Philosophy
Invisible Cheatsheet:
- Circuit breaker
- Rate limiting
- Upgradable for bugfixes

67. Roll out carefully
Philosophy
Invisible Cheatsheet:
- Test test test
- Coverage
- Testnet
- Bug bounties
- Roll out in phases (beta)
- Volume testing

68. Keep contracts simple
Philosophy
Invisible Cheatsheet:
- Modularize
- Use already written tools
- Clarity > Performance
- KISS

69. Stay up to date
Philosophy
Invisible Cheatsheet:
- Upgradable (antipattern)
- Registry
- Monitor your tools

70. Be aware of
blockchain properties
Philosophy
Invisible Cheatsheet:
- Understand visibility
- Be careful about external calls
- Remember about gas

71. Be aware of
blockchain properties
Philosophy
Invisible Cheatsheet:
- Understand visibility
- Be careful about external calls
- Remember about gas

72. Recommendations
Avoid external calls
Invisible Cheatsheet:
- Call
- Send
- Transfer

73. Recommendations
Favour pull over push
Invisible Cheatsheet:
- Push
- Pull
- Non-reentrant

74. Recommendations
Beware the Math
Invisible Cheatsheet:
- Float does not exist

75. Patterns
Guard Check Oracle Randomness
Access Restriction Pull over Push Proxy Delegate
https://fravoll.github.io/
solidity-patterns

76. Audits
https://github.com/
solidified-platform/audits

77. Security Tools
https://consensys.github.io/
smart-contract-best-practices/security_tools/
EVMDis FSolidM SmartCheck
Security Mythril Remix

78. Security Demos
https://tool.smartdec.net/scan/
e43b9c8ef694451195a79081f93cd5d4
https://securify.chainsecurity.com/report/
502a9a0be926841675041195466749e3d9de90067356ebde805186f193e627eb

79. Some cool links
Reversing Contracts
https://arvanaghi.com/blog/
reversing-ethereum-smart-contracts/
Smashing Smart Contracts
https://www.youtube.com/
watch?v=iqf6epACgds
Colored inspection of Smart Contracts
https://arxiv.org/pdf/1807.01868.pdf
DASP - Top 10 Vulnerabilities
https://dasp.co/

80. Thank you
Invisible Cheatsheet:
- We made it ♥
- 80 slides
- Check time