pcaversaccio / reentrancy-attacks

A chronological and (hopefully) complete list of reentrancy attacks to date.
GNU Affero General Public License v3.0

📌 First Ever Reentrancy Attack #1

Closed nmushegian closed 2 years ago

nmushegian commented 2 years ago

The first reentrancy attack was a whitehat attack by me against my first WETH deployment.

https://old.reddit.com/r/ethereum/comments/4nmohu/from_the_maker_dao_slack_today_we_discovered_a/

Here you can see me thank the researcher for pointing out this general class of issues, which made us realize our contract was vulnerable.

I can’t find it now because all the slockit websites have been deleted, but shortly after this post, TheDAO devs made a blog post boasting that their contract was not vulnerable.

It has been a repeated theme for the last 5 years that people take worse versions of what I or some other good-faith inventor come up with, attach a scam token, and try to erase history. Please help preserve this historical record that TheDAO disaster could have been averted, but people who pay to market tokens to retail are more concerned about a quick flip than they are about building sound systems.

pcaversaccio commented 2 years ago

Thank you very much for pointing this out. A few backup links in order to preserve the history:

In your Reddit post, a full post-mortem is mentioned. Can you please share that with me here as a link, thx.

Update: I included this white hat attack in my list with commit 72c2ede94522a2ad964a9a863106faa96f5ef08b.

LefterisJP commented 2 years ago

Hey @pcaversaccio there was indeed a post boasting the DAO is safe, but not by us devs. It was Stephan Tual who wanted to boast how cool the DAO is without asking us. You probably know how problematic his way of communication was. In fact I have had no time in between to look at stuff as I was away a bit in the few days between what Nikolai mentions and the actual DAO hack.

But I believe the class of attacks was indeed mentioned much earlier by Christian Reitwiessner. I don't remember where though. As for whether there was a reentrancy attack in the wild by a malicious actor before, I am not sure.

pcaversaccio commented 2 years ago

Thanks @LefterisJP for your comments. As you see above, I've compiled a list of archive URLs (e.g. the mentioned blog post from Stephan Tual is also part of this list) in order to preserve history.

@chriseth is there some archive link where you pointed out to Peter Vessenes (probably on GitHub) the reentrancy attack vector? Would be cool to have it here as well.

chriseth commented 2 years ago

There is also the talk I gave at devcon 1 in London where I mentioned that when using .send() you have to prepare for callbacks: https://chriseth.github.io/notes/talks/safe_solidity/#/7

Peter might have been talking about this one: https://github.com/ethereum/solidity/pull/617/files# - it does not say more than what I already said in the talk. But IIRC, we were actually discussing the issue in more detail on gitter. I'm pretty sure this is archived somewhere.

pcaversaccio commented 2 years ago

awesome @chriseth, thank you! In order to preserve history, here is the Internet Archive link to Chris' talk:

@vessenes any chance you can point me to the Gitter logs?

chriseth commented 2 years ago

The room is https://gitter.im/ethereum/solidity or https://gitter.im/ethereum/solidity-dev - there should be tools that download the archives from the relevant days / weeks.

pcaversaccio commented 2 years ago

Found the following gist that simulates a reentrancy attack by @vessenes:

Also, found the following Gitter conversation that discusses the reentrancy attack vector:

johnfawole commented 2 years ago

Was reading the comments, and I learned a lot from y'all. Legendary devs!

Mylifechangefast commented 10 months ago

Love this, thanks for the insights.

Mylifechangefast commented 10 months ago

That means WETH9 is still vulnerable? How do I learn more about it for a better recommendation codebase of WETH9?

pcaversaccio commented 10 months ago

That means WETH9 is still vulnerable? How do I learn more about it for a better recommendation codebase of WETH9?

No, the original WETH contract was actually called DSEthToken and has nothing to do with WETH9.

Mylifechangefast commented 10 months ago

Okay, can you tell me more about WETH9 please?

Mylifechangefast commented 10 months ago

That means WETH9 is still vulnerable? How do I learn more about it for a better recommendation codebase of WETH9?

No, the original WETH contract was actually called DSEthToken and has nothing to do with WETH9.

I will check what the DSEthToken is all about.

pcaversaccio commented 10 months ago

Okay, can you tell me more about WETH9 please?

https://www.zellic.io/blog/formal-verification-weth/

Mylifechangefast commented 10 months ago

Okay, can you tell me more about WETH9 please?

https://www.zellic.io/blog/formal-verification-weth/

Yeah, I'm on that.

But what I want to know is: the supply of ETH has to be greater than WETH, right?

I mean the whole concept about the invariant lookout in this https://www.zellic.io/blog/formal-verification-weth/, right?

Mylifechangefast commented 10 months ago

Which shouldn't be an issue.

pcaversaccio commented 10 months ago

But what I want to know is: the supply of ETH has to be greater than WETH, right?

Well, the totalSupply is always greater than or equal to the sum of the total number of WETH tokens in existence. But it's harmless since a new user depositing ETH into WETH will always be able to withdraw it later, regardless of what transactions happen to WETH in between. Please read the article I linked for the technicalities.
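The two technical points of this thread, the withdraw ordering that made the first WETH deployment reentrant (chriseth's "prepare for callbacks" remark) and the ETH-balance-versus-supply invariant from the last exchange, as an added illustration that is not DSEthToken, WETH9, or any code from this repository; the contract names and the `solvent()` helper are constructed for this example.

```solidity
pragma solidity ^0.8.20;

// Constructed illustration for this thread; not DSEthToken and not WETH9.
contract WrappedEthVulnerable {
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    function deposit() external payable {
        balanceOf[msg.sender] += msg.value;
        totalSupply += msg.value;
    }

    // BUG: ETH is sent before the balance is reduced, so a receiver's fallback
    // that calls withdraw() again is checked against the stale balance.
    // (Under 0.8 checked arithmetic the final "-=" would underflow and revert;
    // the 2016-era contracts discussed here used wrapping arithmetic.)
    function withdraw(uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient");
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "send failed");
        balanceOf[msg.sender] -= amount;
        totalSupply -= amount;
    }
}

contract WrappedEthFixed {
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    function deposit() external payable {
        balanceOf[msg.sender] += msg.value;
        totalSupply += msg.value;
    }

    // Checks-effects-interactions: state is updated before the external call,
    // so a re-entering caller is checked against the already-reduced balance.
    function withdraw(uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient");
        balanceOf[msg.sender] -= amount;
        totalSupply -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "send failed");
    }

    // Invariant from the end of the thread: ETH held >= wrapped supply.
    // Force-sent ETH (selfdestruct) only makes the left side larger.
    function solvent() external view returns (bool) {
        return address(this).balance >= totalSupply;
    }
}
```

The fixed contract's `solvent()` is the property a formal-verification run (like the Zellic article linked above) checks over every reachable state; it holds because every path that lowers `totalSupply` also pays out exactly that much ETH, and nothing else lowers the contract's balance.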