Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Security of Smart Contracts

Section 1. Introduction

In today’s globalized world, it is not an unusual occurrence a contract to be concluded by parties located in nine different countries. The resolution of disputes arising out of such international contracts requires significant financial resources, e.g., fees for translating documents in many different languages, court costs, and attorneys’ fees. Extensive investments in dispute resolution schemes are not feasible if the monetary value of the disputes is low. Furthermore, even if such investments are feasible, the contracting parties may not have the financial resources necessary for enforcing their contracts. As Chris Ellis, a co-founder of the open-source Internet currency Feathercoin noted: “At present justice only works if you can afford a lawyer to enforce that agreement. So once smart contracts have the ability to enforce agreements on their own it will be game-changing.”

Although smart contracts have a potential to revolutionize the way in which contracts are concluded, the major obstacles which designers of smart contracts need to overcome are their information security vulnerabilities. To illustrate the consequences which such vulnerabilities may have, it is sufficient to note the recent hack of the most popular smart contract, the Decentralized Autonomous Organization (DAO). The software code of the DAO constitutes the terms of the contract. The contract automatically regulated members’ contributions, which exceeded USD 150,000,000. On 17 th of June 2016, one of the members of the DAO found a software flaw, which allowed him/her to obtain $50,000,000 in a cryptocurrency called Ether. From a legal point of view, it can be argued that the initiator of such an operation has not done anything illegal. The person simply acted by the rules of the DAO. Thus, information security vulnerabilities of smart contracts can be used to “legitimately” steal money.

To set the scene for the analysis of the security of smart contracts, we will discuss the characteristics of smart contracts (Section 2). Next, we will examine five vulnerabilities of smart contracts, namely, vulnerabilities in smart Ponzi schemes (Section 3), vulnerabilities of smart casino games (Section 4), the reentrancy bug (Section 5), and manipulation of contract outcomes (Section 6). Finally, a conclusion is drawn (Section 7).

Section 2. Characteristics of smart contracts

Smart contracts have three main characteristics, namely, (i) self-verifiability, (ii) self-execution, and (iii) resistance to modification.

Self-verifiability refers to the ability of smart contracts to check automatically if the contractual performance has occurred.

Self-execution means that, once one of the parties performs its obligations, the smart contract will automatically perform the obligation of the other party. Jeff Garzik, co-founder at blockchain services startup Bloq stated in relation to self-execution of smart contracts: “There’s never any confusion, and there’s never any need for litigation. It’s simply a very limited, computer-guaranteed set of outcomes.”

Resistance to modification means that one of the parties can not unilaterally modify smart contracts.

To illustrate the three characteristics of smart contracts, a smart contract concluded between the owner of a paid parking place and drivers may automatically detect the presence of the drivers in the parking place (self-verifiability) and automatically deduct the applicable parking fees from drivers’ bank accounts (self-execution). Besides, the owner of the parking place and the drivers may not be able to modify the contract because it will be stored in a distributed database. It is widely accepted that a single participant in a large distributed database, such as Bitcoin and Ethereum, cannot influence a network of 6000+ nodes exclusively in his/her favor.

Section 3. Vulnerabilities of smart Ponzi schemes

Smart contacts can be used by creators of Ponzi schemes to collect payments from their victims. A smart Ponzi scheme is a fraudulent investment operation in which a creator of the scheme uses a smart contract to pay returns to its investors from a new capital paid to the creator by the investors. Smart contracts allow the complete automatization of Ponzi schemes. For example, let’s say that a smart Ponzi scheme consists of three parties, namely, A, B, and C. A is the creator of the Ponzi scheme. B was persuaded by A to participate in the smart Ponzi scheme. C was persuaded by B to participate in the smart Ponzi scheme. When B enters the smart contract, B automatically sends 4 units of virtual currency to A. When C enters the smart Ponzi scheme, C automatically sends 2.5 units of virtual currency to A and 1,5 to B. Some creators of smart Ponzi schemes argue that, in comparison with schemes which are based on a written contract, the creators of the smart Ponzi schemes cannot run off with the money. However, taking into account the previously discussed attack on the DAO, one can imagine a situation in which the smart contract of a Ponzi scheme contains intentionally added security vulnerabilities which can, at a later stage, be used by the creators of the scheme to steal participants’ money.

Section 4. Vulnerabilities of smart casino games

Smart contract technology may be widely applied in the domain of casinos games. (“smart casino games”). For example, there is an existing smart Roulette-contract. Smart casino games allow players to gamble with virtual currencies. Since participants in smart casino games usually have access to the source code of the contract, they may identify information security vulnerabilities in that source code. It is worth mentioning that security researchers have already found a number of vulnerabilities in the aforementioned smart Roulette-contract which, if exploited, allow the players to win roulette games easily. Because smart contracts are usually entirely or partially unchangeable, it may be difficult to remove security vulnerabilities in the agreements regulating smart casino games. One solution to this problem is to add expiration dates to smart casino contracts. Thus, the operators will be able to fix bugs in the contracts when their expiration dates are reached.

Section 5. The reentrancy bug

Smart contracts may also be vulnerable to the reentrancy bug. In simple words, the reentrancy bug allows a user to receive multiple benefits from a smart contract by cheating the smart contract that the requested benefits have not been delivered yet. The reentrancy bug was the very cause of the DAO’s hack, which has been discussed above. To mitigate the damages from the reentrancy bug, the DAO voted to implement a radical software change (also known as a “hard fork”), which will return the stolen funds to their initial owners. However, the hard fork initiative was opposed by many individuals due to the following two reasons: (i) the hard fork violates the principle of “Code is law” which means that the code, similarly to law, should not be changed with a retrospective effect; and (ii) any changes made in the software decrease the confidence in the DAO because it can be the beginning of a slippery slope which will lead to an organization without clearly defined rules. The “re-entrancy” bug can have a devastating effect on machine-to-machine commerce, i.e., commercial transactions between autonomous smart devices. For example, if one million dishwashers automatically buy and use their own detergent, the transaction will be irreversible even with a “hard fork”.

Ethical Hacking Training Resources (InfoSec)

Section 6. Manipulation of contract outcomes

Some smart contracts can be manipulated by their participants. A typical example is the smart contract GovernMental. GovernMental, which functions by using the previously discussed Ponzi scheme, accepts investments from investors. Every new investment is distributed as follows: (i) 5% goes to a jackpot; (ii) 5% goes to the owner of the smart contract, and (iii) 90% goes to previous investors. If no investor invests for a period of 12 hours, the last investor receives the jackpot. Security researchers found a bug in GovernMental which allows the participants in the game to finish the current round earlier. Thus, the parties of the smart contract could manipulate its outcome.

Section 7. Conclusion

The concept of a smart contract was introduced in 1994 by Nick Szabo (computer scientist and legal scholar). With the advent of Bitcoin blockchain technology, the concept quickly gained popularity. Similarly to other buzzwords (e.g., the Internet of Things), the term “smart contract” is not clearly defined. Smart contracts generally have three important characteristics, namely, self-verifiability, self-execution, and resistance to modification.

Although smart contracts have many advantages (e.g., fairly easy to program and potential to be used in a wide range of applications), they may have serious security vulnerabilities. Furthermore, some of those vulnerabilities may be masqueraded back doors. In this article, we mentioned four such vulnerabilities, i.e., vulnerabilities of smart Ponzi schemes, vulnerabilities of smart casino games, the reentrancy bug, and manipulation of contract outcomes. In the future, we can expect more security vulnerabilities to be publicized. This is because, since the technologies used for the creation of smart contracts (mainly Blockchain and Ethereum ) are relatively new, many important bugs have not been discovered yet.

To avoid security issues related to smart contracts, the creators of such contracts are advised to: (i) use an excellent development environment; (ii) use standard programming components which have stood the test of time; (iii) learn from information security vulnerabilities mentioned in media reports; and (iv) hire experts in detection of security vulnerabilities. However, even if these four steps are completed, there is no guarantee that a smart contract will be flawless. In this regard, Philip Daian, a security expert, said: “even the highest assurance programs we have running our planes and our cars and the space shuttle occasionally have errors in them.”

References Buntinx, JP, ‘Ponzi Scheme Meets Smart Contracts With Ethereum Piggybank’, Themerkle.com , 24 March 2016. Available at http://themerkle.com/ponzi-scheme-meets-smart-contracts-with-ethereum-piggybank/ . Cassano, J., ‘What Are Smart Contracts? Cryptocurrency’s Killer App’, Fast Company , 17 September 2014. Available at http://www.fastcompany.com/3035723/app-economy/smart-contracts-could-be-cryptocurrencys-killer-app . De Castro, D., ‘A Solution to Smart Contract Vulnerabilities’, LinkedIn , 15 July 2016. Available at https://www.linkedin.com/pulse/solution-smart-contract-vulnerabilities-deborah-de-castro . Finley, K., ‘A $50 Million Hack Just Showed That The Dao Was All Too Human’, Wired , 18 June 2016. Available at http://www.wired.com/2016/06/50-million-hack-just-showed-dao-human/ . ‘GovernMental.’ Available at http://governmental.github.io/GovernMental/ . Greenspan, G., ‘Smart contracts and the DAO implosion’, MultiChain , 22 June 2016. Available at http://www.multichain.com/blog/2016/06/smart-contracts-the-dao-implosion/ . Hayes, A., ‘Ethereum Reaches Consensus to Hard Fork, Fixing DAO Hack’, Investopedia , 19 July 2016. Available at http://www.investopedia.com/articles/investing/071916/ethereum-reaches-consensus-hard-fork-fixing-dao-hack.asp . Levine, M., ‘Blockchain Company’s Smart Contracts Were Dumb’, Bloomberg , 17 June 2016. Available at http://www.bloomberg.com/view/articles/2016-06-17/blockchain-company-s-smart-contracts-were-dumb . Luu, L., et. al., ‘Making Smart Contracts Smarter’, Cryptology ePrint Archive . Available at https://eprint.iacr.org/2016/633.pdf . Maras, E., ‘KIBO to Provide Integrated Lottery Games Built on Ethereum Smart Contracts’, Crypto Coins News , 9 August 2016. Available at https://www.cryptocoinsnews.com/kibo-to-provide-integrated-lottery-games-built-on-ethereum-smart-contracts/. Mougayar, W., ‘The Business Blockchain: Promise, Practice, and Application of the Next Internet Technology’, John Wiley & Sons , 2016. Shackelford, S., ‘ Managing Cyber Attacks in International Law, Business, and Relations: In International Law, Business, and Relations ‘, Cambridge University Press: 2014. Available at https://books.google.be/books?id=_q2BAwAAQBAJ&pg=PA39&dq=%22Code+is+law+%22&hl=en&sa=X&redir_esc=y#v=onepage&q=%22Code%20is%20law%20%22&f=false . ‘SmartContract’. Available at https://smartcontract.com . Solomon, H., ‘ Smart contract vulnerability a warning to CISOs, developers’, IT World Canada , 18 July 2016. Available at http://www.itworldcanada.com/article/smart-contract-vulnerability-a-warning-to-cisos-developers/ . Startk, J., ‘Making Sense of Blockchain Smart Contracts’, CoinDesk , 4 June 2016. Available at http://www.coindesk.com/making-sense-smart-contracts/ . Sundararajan, A., ‘ The Sharing Economy: The End of Employment and the Rise of Crowd-Based Capitalism ‘, MIT Press, 2016? Troy, S., ‘Blockchain ledger lays foundation for programmable economy’, TechTarget . Available at http://searchcio.techtarget.com/feature/Blockchain-ledger-lays-foundation-for-programmable-economy . Troy, S., ‘What is a smart contract and what’s it good for?’, TechTarget. Available at http://searchcio.techtarget.com/feature/What-is-a-smart-contract-and-whats-it-good-for . Vessenes, P., ‘We Need Some Best Practices For Smart Contracts’, Vessenes.com , 23 May 2016. Available at http://vessenes.com/we-need-some-best-practices-for-smart-contracts/ . Co-Author
Security of Smart Contracts
Rasa Juzenaite works as a project manager in an IT legal consultancy firm in Belgium. She has a Master degree in cultural studies with a focus on digital humanities, social media, and digitization. She is interested in the cultural aspects of the current digital environment.

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles

Latest Images