What is the Locked Ether vulnerability?
In the context of the Ethereum network, Ether (ETH) is the native cryptocurrency that is used in every transaction, whether as an intrinsic unit of value transfer or as a fee for a more general transaction, e.g. using smart contract functionality. When ether is sent to a smart contract, it may inadvertently become "locked" within the contract due to errors in the smart contract's source code.
The Locked Ether vulnerability refers to smart contract code that may cause ether to become irretrievable or inaccessible from a smart contract's address. This ether can neither be accessed by the contract's creator nor any users who might have sent their funds to the contract. It essentially remains frozen within the blockchain.
A real-world example: the Parity multisignature wallet
On November 6th, 2017, a vulnerability in a smart contract system developed by Parity Technologies was exploited, leading to the locking of ether in vulnerable user's wallets. The wallets themselves were smart contract-based multisignature wallets, which relied on a shared library contract for core logical functionality if deployed by users after July 20th, 2017, including logic for the movement of funds. An anonymous user identified a flaw within this shared library code, allowing them to take control of the library contract and subsequently destroy it, impacting 587 wallets reliant on this functionality. This exploit resulted in 513,774.16 ether and additional token assets becoming inaccessible.
Further reading: A Postmortem on the Parity Multi-Sig Library Self-Destruct
0xjoi
High
[H-01] Locked Ether IDTS
Summary
Vulnerability Detail
What is the Locked Ether vulnerability? In the context of the Ethereum network, Ether (ETH) is the native cryptocurrency that is used in every transaction, whether as an intrinsic unit of value transfer or as a fee for a more general transaction, e.g. using smart contract functionality. When ether is sent to a smart contract, it may inadvertently become "locked" within the contract due to errors in the smart contract's source code.
The Locked Ether vulnerability refers to smart contract code that may cause ether to become irretrievable or inaccessible from a smart contract's address. This ether can neither be accessed by the contract's creator nor any users who might have sent their funds to the contract. It essentially remains frozen within the blockchain.
A real-world example: the Parity multisignature wallet On November 6th, 2017, a vulnerability in a smart contract system developed by Parity Technologies was exploited, leading to the locking of ether in vulnerable user's wallets. The wallets themselves were smart contract-based multisignature wallets, which relied on a shared library contract for core logical functionality if deployed by users after July 20th, 2017, including logic for the movement of funds. An anonymous user identified a flaw within this shared library code, allowing them to take control of the library contract and subsequently destroy it, impacting 587 wallets reliant on this functionality. This exploit resulted in 513,774.16 ether and additional token assets becoming inaccessible.
Further reading: A Postmortem on the Parity Multi-Sig Library Self-Destruct
Impact
Code Snippet
https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/assets/AssetFactory.sol#L14
Tool used
Manual Review
Recommendation
Olympix: Contracts that can receive ether but cannot send it may lock value permanently.
Recommendation: Always ensure that there is an ether exit for a contract that is designed to receive ether.