#RSAC
SESSION ID:
Konstantinos Karagiannis
Advanced Smart Contract Hacking
HT-F02
CTO, Security ConsultingBT@KonstantHacker
#RSAC
When transactions aren’t enough
2
“The key component is this idea of a Turing-complete blockchain”--Vitalik Buterin
#RSAC
Meow—putting that computing power to use?
3
#RSAC
Smart contracts
4
#RSAC
Millions of reasons to hack smart contracts
#RSAC
Problem isn’t going away
#RSAC
Solidity
#RSAC
Dev tools
.sol files > bytecode > blockchain
Atom with plugins:– language-ethereum– etheratomRemix: browser based
#RSAC
oyente and Manticore
#RSAC
MAIAN
#RSAC
Methodology
Interview devs
Review .sol file
Try compiling
Dissect code flow
Run oyente (cross fingers)
Run Manticore
Run MAIAN
Manually check for following vulns…
#RSAC
Reentrancy
#RSAC
Leave off the first “re-” for savings
#RSAC
Writing a contract to attack a contract
#RSAC
Reentrancy (and irony) in the dao code
#RSAC
Default public – Parity wallet hack
#RSAC
initWallet
#RSAC
execute
#RSAC
Parity multisig wallet hack 2
#RSAC
Parity 2 transactions
#RSAC
Not going with the (over)flow
2256 -1
#RSAC
Unchecked send in king of the ether
#RSAC
Unchecked send
#RSAC
Gas limits
#RSAC
Withdraw don’t send
#RSAC
Withdrawn not sent
#RSAC
Transaction-ordering dependence
#RSAC
Transaction-ordering dependence
#RSAC
Call-stack depth limit
#RSAC
Variable or function ambiguity
#RSAC
Odds and ends
Timestamp dependence
Business logic flaws
Encryption
Separating public/private data
#RSAC
Prepping for the future…
#RSAC
Real-time blockchain protection
#RSAC
Get involved
34
Master Solidity
Experiment with smart contract hacking challenges online
Now that we’re done with the coin-price craze, companies are doing practical things with this technology
Enterprise Ethereum Alliance member companies are a great place to start