Skip to content

Latest commit

 

History

History
106 lines (87 loc) · 5.48 KB

threat-modeling.md

File metadata and controls

106 lines (87 loc) · 5.48 KB

Threat Model Analysis for ethereum/solidity

Threat: Integer Overflow/Underflow (Pre-0.8.0 or with unchecked)

  • Description: Arithmetic operations result in values exceeding type limits, causing "wrapping." Attacker crafts inputs to trigger this, leading to incorrect calculations. Crucially, this is only HIGH/CRITICAL if you are using an older Solidity version or explicitly using unchecked blocks.
  • Impact: Loss of funds, manipulated contract logic, potential DoS.
  • Affected Component: Functions with arithmetic on integer types (uint, int). Specifically, vulnerable are arithmetic operators (+, -, *, /, %, **).
  • Risk Severity: Critical (pre-0.8.0 or with unchecked blocks).
  • Mitigation Strategies:
    • Use Solidity 0.8.0 or later (built-in checks).
    • If using older versions or unchecked:
      • Use SafeMath (or equivalent).
      • Strict input validation.
      • Extensive testing/auditing.

Threat: Reentrancy

  • Description: Attacker's contract calls back into the victim contract before the initial function call completes, exploiting incomplete state updates.
  • Impact: Theft of funds, state manipulation, DoS.
  • Affected Component: Functions making external calls before updating state.
  • Risk Severity: Critical.
  • Mitigation Strategies:
    • Checks-Effects-Interactions Pattern.
    • Reentrancy Guards (Mutexes).
    • Pull over Push for Payments.

Threat: Denial of Service (DoS) via Gas Limit

  • Description: Attacker causes a function to consume excessive gas, leading to transaction failure (out-of-gas).
  • Impact: Contract unusability, blocked users, potential financial loss.
  • Affected Component:
    • Functions with unbounded loops.
    • Functions with complex calculations/large data storage.
    • Functions calling untrusted contracts.
  • Risk Severity: High.
  • Mitigation Strategies:
    • Avoid unbounded loops; use pagination.
    • Optimize gas usage.
    • Implement circuit breakers.
    • Set gas limits for external calls.

Threat: Unexpected State Changes due to delegatecall

  • Description: Attacker exploits delegatecall to a malicious contract, modifying the calling contract's storage unexpectedly.
  • Impact: Arbitrary code execution, data corruption, theft of funds.
  • Affected Component: Functions using delegatecall (especially to untrusted contracts).
  • Risk Severity: Critical.
  • Mitigation Strategies:
    • Use delegatecall only with audited, trusted contracts.
    • Understand storage layouts to prevent collisions.
    • Avoid delegatecall if possible.

Threat: Randomness Issues

  • Description: Attacker predicts outcomes due to predictable on-chain randomness sources.
  • Impact: Predictable outcomes in games, lotteries, etc.
  • Affected Component: Functions using predictable sources (e.g., blockhash, block.timestamp) for randomness.
  • Risk Severity: High.
  • Mitigation Strategies:
    • Use an oracle (e.g., Chainlink VRF).
    • Commit-reveal schemes.
    • Avoid on-chain randomness for high security.

Threat: Front-Running/Transaction Ordering Dependence

  • Description: Attacker observes a pending transaction and submits their own with a higher gas price to manipulate the outcome.
  • Impact: Financial loss for users, state manipulation.
  • Affected Component: Functions where transaction order matters (exchanges, auctions).
  • Risk Severity: High.
  • Mitigation Strategies:
    • Commit-reveal schemes.
    • Submarine sends.
    • Design for less order sensitivity.
    • Private mempools/ordering services (advanced).

Threat: Incorrect Use of tx.origin

  • Description: Attacker tricks a user into interacting with a malicious contract that uses tx.origin for authorization, bypassing checks.
  • Impact: Bypassing authorization, unauthorized access.
  • Affected Component: Functions using tx.origin for authorization.
  • Risk Severity: High.
  • Mitigation Strategies:
    • Use msg.sender instead of tx.origin.

Threat: Unhandled Exceptions

  • Description: Low-level calls fail, but the calling contract doesn't handle the failure, leading to inconsistent state.
  • Impact: Unexpected state, loss of funds.
  • Affected Component: Functions using low-level calls without return value checks.
  • Risk Severity: High.
  • Mitigation Strategies:
    • Always check return values of low-level calls.
    • Use higher-level functions (e.g., transfer).

Threat: Logic Errors

  • Description: General errors in the Solidity code logic, leading to unintended behavior.
  • Impact: Varies widely, from minor bugs to critical vulnerabilities.
  • Affected Component: Any part of Solidity code.
  • Risk Severity: High to Critical.
  • Mitigation Strategies:
    • Thorough code reviews.
    • Extensive testing (unit, integration, fuzzing).
    • Formal verification.
    • Professional security audits.