Develop an attack based on transaction limits

[facundominguez]

Given the limits on transactions of the Cardano platform, consider testing an attack in cooked that brings contracts with outputs paid to a script just below those limits to prevent further lawful transactions from succeeding.

Here's how the attack works:

1. The attacker will create a large amount of native tokens, each token having only one unit in existence.
2. The attacker will pay all of these tokens to the script of a target contract, thus bringing the continuation output of the contract to the limit of what the parameters allow in terms of either transaction size or bytes for storing native tokens.
3. The contract is stopped from proceeding with transactions that would increase the continuation output.

To fence from this attack, contracts should not only verify that sufficient value is being paid to scripts, but also that no extraneous tokens are part of the payment.

An automated search for this vulnerability could try injecting extraneous tokens in TxOuts paid to scripts. If the transaction is accepted, then this vulnerability might be present.

Update: another variation is to use a single token with very long token name, instead of several tokens.

[mmontin]

That's a very good idea. Let's see if we can craft an example in practice, or if this is a known possibility / documented somewhere.

[facundominguez]

Another way to reach transaction limits would be to pay a very large amount of some artificial token. Amounts are represented as Integers that have no upper bound.