all 25 comments

[–]jacogrRedditor for 2 years with less than 100 comment karma. 12 points 13 points  (3 child comments)

Nice idea. Good luck to you and the participants.

[–]romanmandeleil 0 points 1 point  (2 child comments)

[–]provoost[S] 1 point 2 points  (1 child comment)

I uploaded the source code to etherscan.io yesterday: https://etherscan.io/address/0xBe56093286038885733a66e554DD43a22a45889f#code

Does ether.camp validate the source code the same way?

[–]romanmandeleil 1 point 2 points  (0 child comments)

You can't see the state of the contracts, or the changes made by the transactions, on that explorer; that is why people usually refer to live.ether.camp.

[–]vmzcg 9 points 10 points  (5 child comments)

Sorry, but that contract is secure and well-coded with minimal attack surface. Any exploit that works on this would work on practically every Ether contract created. Attackers will go for the larger targets.

[–]provoost[S] 6 points 7 points  (3 child comments)

Thanks, that's good news. It means I can make a new version that has more features. I'm sure I'll make a mistake one day.

If I add more challenges that increases the total reward, which hopefully makes it more attractive.

Hopefully this is a prisoner's dilemma; if all hackers coordinate they will not hack this or similar bounty contracts. But it just takes one person, anywhere in the world, to not cooperate and take the small reward instead.

[–]_-Wintermute-_redditor for less than 1 month 6 points 7 points  (0 child comments)

Now put $200 million in it. :)

[–]vmzcg 0 points 1 point  (0 child comments)

The problem you have is your contracts will fall into one of two categories:

  1. Exploit already known - nothing was gained from this contract being created, except maybe a bit of publicity
  2. Vulnerable to new exploit - your contract will be hacked, but that doesn't change the fact that everybody else's contracts will also be hacked

This is why we need an expanded Ethereum bug bounty program, the current one doesn't apply to specific contracts and is currently disabled.

Hopefully this is a prisoner's dilemma; if all hackers coordinate they will not hack this or similar bounty contracts. But it just takes one person, anywhere in the world, to not cooperate and take the small reward instead.

It's not like vulnerabilities have limited uses. Why not both?

If I add more challenges that increases the total reward, which hopefully makes it more attractive.

Not if they can't be hacked.

[–]rollducksroll 0 points 1 point  (0 child comments)

Except that one non-cooperative will always take the biggest vulnerable whale first. Right now there aren't many valuable contracts, but this doesn't scale to a future world unfortunately.

The exception is if the person is white-hat and this is the bounty, and/or they're worried enough about getting caught that an open invitation is worth it for a much smaller amount.

[–]sir_talkalot 2 points 3 points  (0 child comments)

Yep. Seems secure to me. Start adding more so we can hack this. :D

[–]bitp 4 points 5 points  (3 child comments)

How can I be sure that once I successfully drain the funds, Vitalik will not come in and Hard Fork the chain?

[–]provoost[S] 2 points 3 points  (2 child comments)

Just short some ETH if you're worried about that :-)

[–]bitp 1 point 2 points  (0 child comments)

I am a miner. I can't bet against the price :(

[–]paleh0rse -1 points 0 points  (0 child comments)

You joke, but doing exactly that has made me quite a bit of money this week.

[–]ItsAConspiracy 4 points 5 points  (2 child comments)

It looks safe from theft. One flaw is that by using send(), people who deposited ether from a wallet contract that does too much work in the fallback function will lose their ether.

You can fix this by using call.value() instead. Check whether it returns false, and throw if it does. This would make you vulnerable to a recursive call attack except you're doing the ether transfer last, so you're still safe.

To answer the question in the blog comments, both send() and call.value() just return false upon failure, instead of rethrowing exceptions (which is what calls to other contracts normally do). Solidity devs left it up to programmers to decide whether to rethrow, because in some situations it's a bad idea. (Best to avoid those situations.)

If you were sending ether to anyone besides msg.sender, an attacker could force send() to fail, and thus deny someone their ether since you're not currently checking the return value. This is done by filling the call stack before calling your contract. But in this case the attacker can only hurt himself this way.

More details here.

[–]provoost[S] 1 point 2 points  (1 child comment)

This is very useful info, thanks! I'll take this into account in the next version.

[–]sir_talkalot 1 point 2 points  (0 child comments)

It's recommended not to use call.value() unless you are sure about reentrant attacks. Best to use send() to keep reentrant attacks from occurring, and instead use contract functions for depositing rather than a naked ether send.

And yes, you can call stack attack yourself. You need to check if send or call succeeded or not.
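The send() versus call.value() trade-off discussed in the two comments above (ItsAConspiracy's and sir_talkalot's), written out as an added Solidity example. This is not the bounty contract from the thread or anyone's posted code; the contract name, the balances mapping and the function names are assumed for illustration. It shows the defensive pattern both comments agree on: update state before the external transfer, and check the boolean that send() and call.value() return instead of assuming the transfer succeeded.

```solidity
pragma solidity ^0.4.0;

// Added example, not the thread's contract. Names are assumed.
contract WithdrawPatternExample {
    // Ether credited to each depositor (assumed storage layout).
    mapping(address => uint) public balances;

    // Deposit through a contract function rather than a naked ether
    // send, as sir_talkalot recommends.
    function deposit() payable {
        balances[msg.sender] += msg.value;
    }

    // Variant 1: send(). Forwards only the 2300-gas stipend, so the
    // recipient cannot re-enter this contract during the transfer.
    // Downside noted in the thread: a wallet contract whose fallback
    // does more work than the stipend allows cannot receive, and
    // without the return-value check its ether would be lost.
    function withdrawWithSend() {
        uint amount = balances[msg.sender];
        if (amount == 0) throw;
        balances[msg.sender] = 0;        // effect before interaction
        if (!msg.sender.send(amount)) {  // send() returns false on failure
            throw;                       // undo the zeroing, keep the credit
        }
    }

    // Variant 2: call.value(). Forwards all remaining gas, so heavy
    // wallet fallbacks can receive. Nothing limits re-entry here, so the
    // only protection is the ordering: the balance is already zero when
    // the external call runs, and a re-entrant withdraw finds nothing.
    function withdrawWithCall() {
        uint amount = balances[msg.sender];
        if (amount == 0) throw;
        balances[msg.sender] = 0;        // must precede the call
        if (!msg.sender.call.value(amount)()) {
            throw;                       // call.value() also returns false
        }
    }
}
```

Both withdraw functions pay only msg.sender, which is the property the first comment relies on: if a transfer is forced to fail, the only person affected is the caller, and because the return value is checked the failed withdrawal simply reverts and the credit remains. Moving the `balances[msg.sender] = 0` line below the transfer in withdrawWithCall is exactly the mistake that turns the ordering-based protection into a reentrancy bug.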

[–]_-Wintermute-_redditor for less than 1 month 1 point 2 points  (0 child comments)

I can only assume it contains $200 million USD as incentive for hackers right? :)

[–]flugg 0 points 1 point  (0 child comments)

Great idea. I remember someone recommending storing Bitcoin wallets with small amounts on your computer as a check to see whether it was compromised.

[–]0x8000 -1 points 0 points  (2 child comments)

100 EUR? Do you know how much a security audit costs? I don't think that any good pentester will look at it.

[–]provoost[S] 0 points 1 point  (0 child comments)

I'm aware that security audits are expensive, but so are encyclopedias. A crowd of less-good pentesters working in parallel might still find a weakness.

Other people are also more than welcome to clone the contract and set a bigger reward.

[–]ItsAConspiracy 1 point 2 points  (0 child comments)

It's short enough for anyone competent to check in the time it takes to write a few paragraphs on reddit.

[–]Critical_Faculty -1 points 0 points  (1 child comment)

Why would I bother to try and hack a contract with just €100 of ether in it? I mean, I could earn €90 working on minimum wage in the time it would take to break this. And at the end of that I would definitely have €70.

Seriously - €50 is not enough.

[–]provoost[S] 1 point 2 points  (0 child comments)

There are places in the world where it takes a long time to earn €100 at minimum wage (even if you exclude places with no access to computers and internet). There are also people who are motivated by other factors than just money.

The key here is that I'm motivated to not lose money, which hopefully means I'll write better code than I would if someone just pays me regardless of the consequences.

[–]crypthorkredditor for less than 1 month -3 points -2 points  (0 child comments)

complicated