👮
Contract Cops
  • Mastering Ethereum Book
    • What is ethereum?
    • Tokens
    • Oracles
    • Decenralized Applications(DApps)
    • The Ethereum virtual machine
    • Ethereum basics
    • Ethereum clients
    • Cryptography
    • Wallets
    • Transactions
    • Chapter 7 - Smart Contracts & Solidity
    • Side Notes
      • Tokens
      • Smart Contracts and Solidity
  • Cryptography
    • Ethereum Cryptography - Cheatsheet
    • Assymetric vs symmetric cryptography
    • ECDSA vs RSA
    • Elliptic curves and ECDSA
    • Sha-256 Example
    • Sha-256
    • What are the different steps in SHA-256?
  • Ethereum Blocks
    • Block Headers
  • Learning Solidity
    • Storage vs memory
    • Upgradeable contracts
      • Proxy pattern in smart contracts
  • PoS
    • Proof of stake
  • PoW
    • PoW
  • Tokens
    • ERC-1155
    • ERC20
  • Cryptonomics
    • Automated market makers
    • Collateral Tokens
    • Collateralized Stablecoin
    • Fiat currency
    • Liquidity pool
    • Open Position: Meaning and Risk in Trading
    • Slippage
    • Spot price
  • Common Attack Vectors
    • Checking access control
    • Access control issues on critical functions
    • Account Existence Check for low level calls
    • Account Existence Check
    • Common attacks with contract/EOA addresses
    • Arithmetic under/overflow
    • Assert Attack
    • Assert require revert
    • Assert Violation
    • Bad Interface DOS
    • Bad pragma and compiler
    • Block Timestamp Manipulation
    • Bypassing contract check
    • Code With No Effects
    • Code size check vulnerability
    • Constructors with Care
    • Default Visibilities
    • Delegatecall
    • Delegatecall
    • Denial of Service (DoS)
    • DoS with block gas limit
    • Entropy Illusion
    • External contract referencing
    • Flash Loan Attack
    • Floating Point and Precision
    • Function selector abuse
    • Function selector abuse
    • Smart contract gas griefing
    • Hash collision parameters
    • Hash Collisions With Multiple Variable Length Arguments
    • Imprecise arithmetic
    • Improper Array Deletion
    • Incorrect array deletion
    • Incorrect interface
    • Insufficient Gas Griefing
    • Loop through long arrays
    • Message call with hardcoded gas amount
    • Not enough gas for ether transfer
    • Precision Loss in Calculations
    • Oracle Manipulation
    • Public Burn Function
    • Read-only reentrancy
    • Race Conditions/Front Running
    • Reentrancy Attacks
    • Reentrancy
    • Requirement Violation
    • Right-To-Left-Override control character (U+202E)
    • Shadowing State Variables
    • Short Address / Parameter attack
    • Signature Malleability
    • Signature Replay
    • Transaction Order Dependence
    • Tx.Origin Authentication
    • Unchecked CALL Return Values
    • Unexpected ether
    • Uninitialized Storage Pointers
    • Unsafe Ownership Transfer
  • EIP's
    • EIP155
    • EIP55
  • PoW
    • Ethash
    • Scrypt - RFC 7914
  • Questions for self evaluation
    • Questions 23/04/2023 (Nr: 84)
    • Usability guide for questions
  • Frequently asked questions
    • What is the difference between transaction and message?
    • What is the use of a interface or function without implementation?
  • UsefulResources
Powered by GitBook
On this page
  1. Common Attack Vectors

Arithmetic under/overflow

PreviousCommon attacks with contract/EOA addressesNextAssert Attack

Last updated 2 years ago

IMPORTANT: This issue has been resolved with Solidity compiler versions 0.8.0 and above. The EVM now reverts the transaction automatically on under/overflow

Using any SafeMath libraries is now deprecated and gas inefficient

In solidity, integers can be stored and specified in various ways and sizes

For the sake of simplicity, we'll use uint8 to avoid long numbers.

uint8 means that the variable can store an unsigned integer of up to 8 bits.

The maximum size of this integer is 255

What happens when the integer is at 255 and we increment it once more?

This scenario is called an integer overflow. The size assigned is not enough and the integer "overflows" to 0.

Similar thing happens when our integer initialized at 0 and we decide to decrement

This is called integer underflow. We take one out from an unsigned integer, making it "underflow" to the biggest number that it can hold (255 in this example)

We can see the overflow vulnerability firsthand in the following example given in the Mastering Ethereum book:

An attacker is able to reset the lockTime of this lock by figuring out exactly how much time is left and incrementing it to the point it overflows back to 0, making the timelock useless.

Similarly, here's an example for the underflow vulnerability:

The require statement on line 13 allows us to give a bigger value of what the balance[msg.sender] is. This makes it so that the integer underflows, allowing us to pass through and give us more value than we actually have.

Preventative techniquesSafeMath (or other alternative) libraries should be used. The one by OpenZeppelin provides logical checks before an arithmetic operation is performed, reverting the transaction on under/overflow.

1680342164257
1680342621317