smartbugs-curated/dataset/access_control
gsalzer 618cc4b670
Update parity_wallet_bug_1.sol
Fixing compiler version
2023-02-08 12:38:07 +00:00
..
FibonacciBalance.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
README.md Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
arbitrary_location_write_simple.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
incorrect_constructor_name1.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
incorrect_constructor_name2.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
incorrect_constructor_name3.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
mapping_write.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
multiowned_vulnerable.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
mycontract.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
parity_wallet_bug_1.sol Update parity_wallet_bug_1.sol 2023-02-08 12:38:07 +00:00
parity_wallet_bug_2.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
phishable.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
proxy.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
rubixi.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
simple_suicide.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
unprotected0.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
wallet_02_refund_nosub.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
wallet_03_wrong_constructor.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00
wallet_04_confused_sign.sol Add SB Curated (copied from the smartbugs repository). 2022-11-23 09:07:09 +00:00

README.md

Access Control

Access Control issues are common in all programs, not just smart contracts. In fact, it's number 5 on the OWASP top 10. One usually accesses a contract's functionality through its public or external functions. While insecure visibility settings give attackers straightforward ways to access a contract's private values or logic, access control bypasses are sometimes more subtle. These vulnerabilities can occur when contracts use the deprecated tx.origin to validate callers, handle large authorization logic with lengthy require and make reckless use of delegatecall in proxy libraries or proxy contracts.

Loss: estimated at 150,000 ETH (~30M USD at the time)

Attack Scenario

A smart contract designates the address which initializes it as the contract's owner. This is a common pattern for granting special privileges such as the ability to withdraw the contract's funds. Unfortunately, the initialization function can be called by anyone — even after it has already been called. Allowing anyone to become the owner of the contract and take its funds.

Examples

In the following example, the contract's initialization function sets the caller of the function as its owner. However, the logic is detached from the contract's constructor, and it does not keep track of the fact that it has already been called.

function initContract() public {
	owner = msg.sender;
}

In the Parity multi-sig wallet, this initialization function was detached from the wallets themselves and defined in a "library" contract. Users were expected to initialize their own wallet by calling the library's function via a delegateCall. Unfortunately, as in our example, the function did not check if the wallet had already been initialized. Worse, since the library was a smart contract, anyone could initialize the library itself and call for its destruction.

References

Taken from DASP TOP10