
Stepping Towards Better Security (avoiding overflows)

A project log for HOM Coin : Efficient Blockchain based real estate

Stablecoin, database, and smart contract for buying and selling houses efficiently.

Dylan Brophy 06/24/2019 at 22:38

The security in the original HOM Coin smart contract wasn't terrible, except that it didn't check for overflows.  If this is to be a popular coin then it can't have problems like that.

The problem with overflows

Anyone reading this on Hackaday should understand the idea of an overflow: in computers, the result of an arithmetic operation sometimes does not fit in the finite space set aside to store it.

With smart contracts, this can allow hackers to steal real money.  Let's say we have this pseudocode as a function to send tokens to someone:

// Vulnerable version: balances are 8-bit unsigned and the addition is unchecked
function transfer(sender, receiver, uint8_t amount){
    if(balances[sender]>=amount){          // only the sender's side is checked
        balances[receiver]+=amount         // can wrap past 255 and silently lose tokens
        balances[sender]-=amount
    }
}

This should work fine, right? Nope.  Let's say Alice has 200 tokens and sends 128 of them to Bob, who has 128 tokens.  In this case Bob's balance would become zero, because 128+128 = 256, but 256 doesn't fit (we used 8-bit unsigned values, so the sum wraps around to 0).  In essence, Alice just destroyed all of Bob's coins!  There are many ways problems like this can exist, and an Ethereum contract needs to be especially careful, because real money can be lost.
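The scenario above, worked through as an added example (this is not the HOM Coin contract's code): a tiny 8-bit ledger with the unchecked transfer from the log next to a checked version that refuses any result that would not fit, the same `c >= a` test SafeMath-style libraries use. The names, the 8-bit mask and the Alice/Bob balances are constructed for the demonstration.

```python
"""Added example: an 8-bit token ledger showing the unchecked transfer from the
log wrapping, beside a checked transfer that rejects overflow and underflow."""

MASK8 = 0xFF  # balances are 8-bit unsigned, as in the log's example


class OverflowError8(Exception):
    """Raised when a result would not fit in 8 bits."""


def transfer_unchecked(balances, sender, receiver, amount):
    """The vulnerable transfer: mirrors what wrapping uint8 arithmetic does."""
    if balances[sender] >= amount:
        balances[receiver] = (balances[receiver] + amount) & MASK8  # may wrap to 0
        balances[sender] = (balances[sender] - amount) & MASK8
    return balances


def checked_add(a, b):
    """8-bit addition that fails instead of wrapping."""
    c = (a + b) & MASK8
    if c < a:  # same test as SafeMath's require(c >= a)
        raise OverflowError8("addition overflow")
    return c


def checked_sub(a, b):
    """8-bit subtraction that fails instead of wrapping below zero."""
    if b > a:
        raise OverflowError8("subtraction underflow")
    return a - b


def transfer_checked(balances, sender, receiver, amount):
    """Hardened transfer: compute both new balances first, commit only if both fit."""
    if amount > MASK8:
        raise OverflowError8("amount does not fit in 8 bits")
    new_sender = checked_sub(balances[sender], amount)      # covers the old >= check
    new_receiver = checked_add(balances[receiver], amount)  # the check the log lacked
    balances[sender] = new_sender
    balances[receiver] = new_receiver
    return balances


def demo():
    """Constructed scenario from the log: Alice has 200, Bob has 128, Alice sends 128.

    Returns (balances after the unchecked transfer,
             balances after attempting the checked transfer,
             whether the checked transfer was rejected).
    """
    unchecked = transfer_unchecked({"alice": 200, "bob": 128}, "alice", "bob", 128)
    checked = {"alice": 200, "bob": 128}
    try:
        transfer_checked(checked, "alice", "bob", 128)
        rejected = False
    except OverflowError8:
        rejected = True
    return unchecked, checked, rejected


if __name__ == "__main__":
    print(demo())
```

The unchecked version leaves Bob with 0 and Alice with 72, so 128 tokens vanish from the ledger; the checked version raises before touching either balance, which is the behaviour you want in a contract where a failed transfer can simply revert.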

I fixed security bugs like this, but there are other security concerns as well.  The owner of the HOM Coin contract can destroy the contract (taking all the ether in the contract as well), or change the Oracle program's Ethereum address.  This is fine, unless the private key to the owner account is somehow stolen.  In that case the thief would be able to freely manipulate the HOM Coin price, or destroy the coin entirely, taking large sums of Ether.  No good.

I made a change so that the oracle address can only be changed once the last oracle address has confirmed that the change is allowed.  This way, two private keys would need to be stolen for price manipulation.
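One way to model that two-key rule, as an added example rather than the HOM Coin contract's own code: the owner can only propose a replacement oracle, and the live oracle address changes only when the current oracle confirms. The ordering (owner proposes, current oracle confirms) and the `0x...` address strings are assumptions made for the demonstration, not details from the log.

```python
"""Added example: an oracle address that can only be replaced with the consent
of both the contract owner and the oracle currently in place."""


class OracleConfig:
    """Minimal model of the owner/oracle handover described in the log."""

    def __init__(self, owner, oracle):
        self.owner = owner
        self.oracle = oracle
        self.pending = None  # proposed replacement, awaiting the current oracle's confirmation

    def propose_oracle(self, caller, new_oracle):
        """Only the owner may propose; proposing never changes the live oracle."""
        if caller != self.owner:
            raise PermissionError("only the owner can propose an oracle change")
        self.pending = new_oracle
        return self.oracle  # still the old address

    def confirm_oracle(self, caller):
        """Only the current oracle may confirm, and only when a proposal is pending."""
        if self.pending is None:
            raise ValueError("no oracle change pending")
        if caller != self.oracle:
            raise PermissionError("only the current oracle can confirm the change")
        self.oracle, self.pending = self.pending, None
        return self.oracle


def demo():
    """Constructed walk-through: a thief holding only the owner key tries to
    redirect the oracle, then the legitimate oracle approves a real handover.

    Returns (oracle after the thief's proposal, whether the thief's own confirm
             attempt was rejected, oracle after the genuine confirmation).
    """
    cfg = OracleConfig(owner="0xOWNER", oracle="0xORACLE-1")  # constructed addresses

    # Stolen owner key alone: the proposal is recorded but nothing changes.
    after_proposal = cfg.propose_oracle("0xOWNER", "0xTHIEF")
    try:
        cfg.confirm_oracle("0xTHIEF")  # thief does not hold the oracle key
        thief_rejected = False
    except PermissionError:
        thief_rejected = True

    # Genuine handover: the current oracle confirms a new, legitimate address.
    cfg.propose_oracle("0xOWNER", "0xORACLE-2")
    after_confirmation = cfg.confirm_oracle("0xORACLE-1")
    return after_proposal, thief_rejected, after_confirmation


if __name__ == "__main__":
    print(demo())
```

Note the other side of this design: because the current oracle's confirmation is required, a compromised or lost oracle key cannot be swapped out by the owner alone either, so the oracle key needs to be guarded at least as carefully as the owner key.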

I still need to find a way to make contract destruction trustless.  Perhaps I will make the Ether evenly distributed among token owners - although this would take insane amounts of gas...
