B011: Security Tidbits v2

EVM State Machine

The EVM which all code is executed upon operates in a straightforward, deterministic manner; it is a stack-based machine that operates on the latest instruction at hand at any given point in time.

Illegal Re-Entrancy States

To illustrate how re-entrancy attacks manifest, let us consider that in the above scenario the smart contract performing the unit transfers between individuals also performs an external call between the state changes that assign the newly acquired units to the target individual and subtract them from the original.

  • Both the recipient and the sender will have the transacted units readily available.
  • The total supply of the token will be incorrect.

Checks-Effects-Interactions Pattern

The most resilient solution to re-entrancy attacks is ensuring that your contract’s state-machine prohibits these states from ever occurring. An officially recognized pattern in Solidity is the Checks-Effects-Interactions pattern.

Manual Guards

There are certain edge-cases, however, where the Checks-Effects-Interactions pattern cannot be applied due to the needs of the contract. A prime example of this is the Uniswap V2 pair contract which relies on balanceOf measurements beyond the conclusion of an external call.

Conclusion

Re-entrancy attacks have been around for quite a while and are a well-known trait to the Ethereum developer community, however, this does not prevent them from taking form given that many can result from seemingly innocuous contract interactions, such as ERC-20 transfer invocations on malicious contracts.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store