This repository has been archived by the owner on Jul 19, 2019. It is now read-only.
🔒 Fix DoS vulnerability in Credit Protocol contract #33
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
`#executeUcacTx` is an inexpensive and unauthenticated function that increases the transaction counter for a UCAC without actually performing a transaction, up to that UCAC's transaction limit. A motivated attacker can call this function continuously to perform a denial-of-service (DoS) attack on a UCAC, preventing legitimate transactions using that UCAC from being processed. Once started, this attack can be maintained indefinitely. Potential mitigations/effects on a live contract include: * An attack on a UCAC may incentivize its stakeholders to unstake their tokens. * The fewer tokens staked in a UCAC, the less expensive the attack becomes to perform and maintain. * Staking more tokens in the UCAC will increase the transaction limit, thus increasing the cost to perform and maintain the attack. The best mitigation for this attack, then, for a live contract, would be for token holders to stake enough tokens in the affected UCAC to make the attack too expensive for the attacker to maintain.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#executeUcacTxis an inexpensive and unauthenticated function that increases the transaction counter for a UCAC without actually performing a transaction, up to that UCAC's transaction limit.A motivated attacker can call this function continuously to perform a denial-of-service (DoS) attack on a UCAC, preventing legitimate transactions using that UCAC from being processed.
Once started, this attack can be maintained indefinitely.
Potential mitigations/effects on a live contract include:
An attack on a UCAC may incentivize its stakeholders to unstake their tokens.
The fewer tokens staked in a UCAC, the less expensive the attack becomes to perform and maintain.
Staking more tokens in the UCAC will increase the transaction limit, thus increasing the cost to perform and maintain the attack.
The best mitigation for this attack, then, for a live contract, would be for token holders to stake enough tokens in the affected UCAC to make the attack too expensive for the attacker to maintain.
This PR mitigates the vulnerability by reducing the visibility of the
#executeUcacTxfunction toprivate, allowing it to only be called by other functions within the contract.