-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
contract can lose the funds! #1
Comments
This is incredibly useful, looking into it now. |
Has the Ethereum team ever commented on that issue? I can't seem to find any official word on how to prevent these kinds of attacks. |
Its a feature, not a bug :-) |
When you say
|
In Solidity it's a bool. The simplest fix is |
Gracias! |
should probably wait to fix before actually closing =p |
You should check in the
cash
function that thesend
instruction completes.send
can silently fail due to a call-stack error. If that happens, the execution carries on,isCashed
is set, and the pot becomes lost forever.An attacker can cause this to happen with a carefully-formed transaction that preloads the callstack to depth 1023. Here's a demonstration of this against
lotto.sol
in pyethereum:https://gist.github.com/amiller/665cc46970f2c0684d2a#file-test_etherpot-py
This is a known hazard in writing smart contracts. We reported on it as part of an independent Ethereum security audit:
https://github.com/LeastAuthority/ethereum-analyses/blob/master/GasEcon.md#callstack-depth-limit-errors
The best work-around here is defensive programming. The
send
failure is not exactly silent, the caller can (and should) check the return value ofsend
as a boolean. This is also demonstrated (in Serpent, for now) in the online course documents from University of Maryland.http://mc2-umd.github.io/ethereumlab/
The text was updated successfully, but these errors were encountered: