Advanced Smart Contract Hacking - cointhinktank.com

Post on 13-Apr-2022

#RSAC

SESSION ID: HT-F02

Advanced Smart Contract Hacking

Konstantinos Karagiannis

CTO, Security Consulting
BT
@KonstantHacker

When transactions aren’t enough

“The key component is this idea of a Turing-complete blockchain” -- Vitalik Buterin

Meow—putting that computing power to use?

Smart contracts

Millions of reasons to hack smart contracts

Problem isn’t going away

Solidity

Dev tools

.sol files > bytecode > blockchain

Atom with plugins:
– language-ethereum
– etheratom

Remix: browser based

oyente and Manticore

MAIAN

Methodology

Interview devs

Review .sol file

Try compiling

Dissect code flow

Run oyente (cross fingers)

Run Manticore

Run MAIAN

Manually check for following vulns…

Reentrancy

Leave off the first “re-” for savings

Writing a contract to attack a contract

Reentrancy (and irony) in the dao code

Default public – Parity wallet hack

initWallet

execute

Parity multisig wallet hack 2

Parity 2 transactions

Not going with the (over)flow

2^256 - 1

Unchecked send in king of the ether

Unchecked send

Gas limits

Withdraw don’t send

Withdrawn not sent

Transaction-ordering dependence

Transaction-ordering dependence

Call-stack depth limit

Variable or function ambiguity

Odds and ends

Timestamp dependence

Business logic flaws

Encryption

Separating public/private data

Prepping for the future…

Real-time blockchain protection

Get involved

Master Solidity

Experiment with smart contract hacking challenges online

Now that we’re done with the coin-price craze, companies are doing practical things with this technology

Enterprise Ethereum Alliance member companies are a great place to start