not-so-smart-contracts icon indicating copy to clipboard operation
not-so-smart-contracts copied to clipboard

Published 20 hours ago verified publisher icon crytic

Added Suicidal Contract

Open ksloven opened this issue 7 years ago • 4 comments

A smart contract can have a 'self-destruct' or 'kill' option which can be called by the owner in the case of theft of ether or smart contract malfunction. But if the contract can be killed by any account/user, it is considered 'suicidal'

1 function initMultiowned ( address [] _owners , 2 uint _required ) { 3 if ( m_numOwners > 0) throw ; 4 m_numOwners = _owners . length + 1; 5 m_owners [1] = uint ( msg . sender ) ; 6 m_ownerIndex [ uint ( msg . sender )] = 1; 7 m_required = _required ; 8 /* ... / 9 } 10 11 function kill ( address _to ) { 12 uint ownerIndex = m_ownerIndex [ uint ( msg. sender ) ]; 13 if ( ownerIndex == 0) return ; 14 var pending = m_pending [ sha3 ( msg . data ) ]; 15 if ( pending . yetNeeded == 0) { 16 pending . yetNeeded = m_required ; 17 pending . ownersDone = 0; 18 } 19 uint ownerIndexBit = 2* ownerIndex ; 20 if ( pending . ownersDone & ownerIndexBit == 0) { 21 if ( pending . yetNeeded <= 1) 22 suicide (_to) ; 23 else { 24 pending . yetNeeded - -; 25 pending . ownersDone |= ownerIndexBit ; 26 } 27 } 28 } }

Attack : user calls initMultiowned with empty array for _'owners', and zero for '_required'. Then user invokes 'kill' function which needs '_required' number of owners (line 16) before the suicide function is called (line 22). Since the initial initMultiowned call was set to zero, the suicide function executes

Known exploit: Parity (https://github.com/paritytech/parity/issues/6995)

ksloven avatar May 08 '18 16:05 ksloven

Did you mean to commit only a file with no lines of code in it?

NoahMarconi avatar May 22 '18 16:05 NoahMarconi

Hi @NoahMarconi oops, sorry, first time using this feature of github. I see I actually put the code in my comment above

ksloven avatar May 23 '18 04:05 ksloven

@ksloven Thank you for your contribution. Note that the PR is still missing the Solidity file.

I am not sure we want a separate type of vulnerability for the suicidal contract, as I think that it is a sub-class of the Unprotected function vulnerability: https://github.com/trailofbits/not-so-smart-contracts/tree/master/unprotected_function

montyly avatar Jun 07 '18 15:06 montyly

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Jul 30 '19 02:07 CLAassistant