MoleEdu | Security and Compliance Week - Blockchain Security.

Original Title: "MoleEdu | Security Compliance Week - Blockchain Security"

Original Source: "MoleDAO"

01 Web3 Ecological Security Situation

1.1 2022 Attack Event Overview

According to the "2022 Global Web3 Blockchain Security Situation Report", there were a total of 167 major attack incidents in 2022, with a total loss of 3.6 billion US dollars. Compared with 2021, the total loss increased by 47%. The "2022 Quarterly Loss Statistics Chart" below shows that the total loss in the first and fourth quarters was relatively high.

 1.2 Type of Attacked Project

The types of projects that have been attacked mainly include: cross-chain bridges, DeFi, centralized exchanges, chain platforms, wallets, and NFTs. Among them, DeFi mainly includes stablecoins, trading and lending, asset management, infrastructure, and insurance projects. In 2022, there were 12 cross-chain bridge security incidents throughout the year, with losses close to 1.89 billion US dollars, which is the highest among all project types. In the cross-chain bridge security incidents, there were five cases where the single loss exceeded 100 million US dollars, and the attack methods included social engineering, private key leakage, chain platform or contract vulnerabilities, etc.

Of the 167 major attack incidents throughout the year, DeFi was the most frequently attacked, with a total of 113 incidents, accounting for 67.6%. DeFi ranked second in total losses, second only to cross-chain bridges, with losses approaching $950 million. The security incidents most related to users or involving users were exchanges and wallet-related, with a total of 21 incidents and losses amounting to $600 million.

1.3 Main Attack Methods

The attack methods can be summarized as vulnerability exploitation, social engineering, private key leakage, flash loans, price manipulation, virtual machine vulnerabilities, transaction replay, and phishing. Among them, "vulnerability exploitation" is the most frequent and costly attack method throughout the year, with a total of 87 incidents and a total loss of 1.458 billion US dollars last year. The second is social engineering attacks, with only one incident last year, the Ronin incident, which caused a loss of 624 million US dollars. Private key leakage also accounts for a significant proportion, with a total of 19 leakage incidents and a total loss of 430 million US dollars; there were a total of 8 incidents with a single loss amount exceeding tens of millions of US dollars. According to the survey results, it is more common for team members or former team members to steal private keys, so project parties are reminded to strengthen team security management and operational security; at the same time, professional security assessments should be conducted when using third-party tools.

02 Chain Platform Security

Attacks on blockchain platforms are generally divided into two categories: attacks on the consensus layer and attacks on the network layer. The most common and impactful attack on the consensus layer is the 51% attack, which has occurred many times on blockchain platforms. There have also been many cases of 51% attacks in history, as shown in the following figure:

2.1 Principle of 51% Attack

In the blockchain industry, the commonly used consensus algorithms are POW and POS. Bitcoin has always adopted the POW consensus. In this consensus algorithm, there are two points to note. The first is to use the PoW consensus mechanism to solve the problem of how to obtain the right to bookkeeping, and the second is to use the "longest chain consensus" to solve the problem of how to bookkeep. Simply put, if two versions of the blockchain appear in the network at the same time, the consensus algorithm will prompt all miners in the network to choose the longest chain. "51% attack" actually refers to the attacker controlling more than 50% of the network's computing power.

The following figure shows how an attack occurs: When a "51% hash power attack" occurs, a malicious miner gains the right to record transactions and packages them. However, he can choose not to broadcast the transactions, resulting in two versions of the blockchain. Before the attack, all miners on the network recognized the green chain as the main chain. After the attack, the red attacker privately packaged a blockchain, but did not broadcast it. For example, at the position of the 40th block, he spent 100 bitcoins to buy a car. Although the transaction was agreed upon by everyone, it was not recorded in his privately packaged blockchain. By the time of the 41st block, the merchant had confirmed the transaction, but the attacker did not record the transaction in his own blockchain. If he has control over more than 51% of the hash power, he has a greater chance of calculating the block faster than other miners and adding it to the chain, as shown in the "after attack" situation in the figure. Because he has more hash power, his probability of mining a block is higher. So much so that if he mines more blocks than the ones above, according to the consensus of the longest chain, the chain he releases will be considered the main chain. Because he did not package the transaction he spent, he still has a balance of 100 bitcoins, but in fact, he has already driven away with the car and can use the 100 bitcoins to buy other items. We also call this situation a "double-spending attack".

2.2 Other Attack Methods

Including: eclipse attack, witch attack, and selfish mining attack.

In real life, "witch attacks" are more common. This includes some malicious behavior such as vote stuffing on certain lists, where one person can pretend to be multiple different people to stuff the votes. It also includes malicious airdrop activities, where some people pretend to be multiple different users or identities to grab airdrop rewards. There are three ways to avoid "witch attacks". The first way is to prove identity through proof of work. The second way is to use resource detection to find the differences between real nodes and fake nodes to determine whether they are witch nodes. The third way is to authenticate these nodes to ensure their credibility.

03 Smart Contract Security

3.1 Vulnerability Exploitation

The code deployed on the smart contract cannot be modified, which has attracted some attackers to exploit vulnerabilities in the contract for profit. It is precisely because of this that assets stolen from the smart contract cannot be recovered and tracking them is also quite complex.

"Exploiting vulnerabilities" is the most frequent and costly attack method throughout the year. In 2022, there were 87 attack incidents involving vulnerability exploitation, with a total loss of 1.458 billion US dollars. When further classified by vulnerability type, the top three causes of loss were authentication issues, chain platform vulnerabilities, and improper business logic/function design.

  The following figure shows common vulnerability categories:

  

This content contains an image with a source link that cannot be translated. The image is accompanied by a non-translatable alt text.

3.2 Vulnerability Exploitation - Reentrancy Vulnerability  

3.2.1 Vulnerability Principle

3.2.2 Conditions for implementing attacks

Most reentrancy vulnerabilities occur in the transfer scenario. There are two types of transfers: transferring to a regular wallet user's EOA account or transferring to a contract account. In the case of transferring to a contract account, the victim's fallback function is called by default, which may contain malicious functionality and pose a security risk.

To achieve a replay attack, two conditions must be met as shown in the following figure:

 Regarding the process of calling "changes in the ledger after actual transfer", please refer to the following code in the figure:  

Example (as shown below): Attacker's account will repeatedly attack the victim's account by calling the Attacker.beginAttack function with 1 ether, and earn far more than the amount of ether provided.

3.2.3 Vulnerability Fix Suggestions

1. Use the transfer() function: When sending ether to an external address, use the built-in transfer() function in Solidity whenever possible. When using transfer() to transfer funds, only 2300 gas is sent, which is not enough to call another contract (i.e. reentrant contract).

2. Checks-Effects-Interactions: Ensure that state variable changes occur before ether is sent (or any external calls), which is the recommended "checks-effects-interactions" pattern by Solidity.

3. Use mutex locks: Add a state variable that locks the contract during code execution to prevent reentrant calls.

3.2.4 Analysis of the OrionProtocol Attack Case

Event background: On February 3rd, the OrionProtocol contracts on the Ethereum and BSC chains were subjected to a reentrancy attack, resulting in the attacker profiting 3 million US dollars. Orion is a new type of DeFi platform that revolves around a liquidity aggregator to connect major centralized and decentralized exchanges.

The following screenshots show the process of the attack; for detailed explanation from the instructor, please refer to the course video playback (from 24 minutes and 30 seconds to 33 minutes).

3.3 Smart Contract Audit

Among the 167 major attack incidents detected in 2022, the proportion of audited and unaudited projects was 51.5% and 48.5%, respectively. Of the 86 audited projects, 39 attack incidents (45%) were still caused by vulnerability exploitation. It is recommended to seek professional security companies for auditing before launching projects to effectively ensure asset security.

04 Smart Contract Security 

4.1 Phishing Attack

According to statistical data, common phishing attacks can be classified into the following four categories:

The first type: forging official websites to lure users into making transfers.

The second type: False short selling deceives users into authorization.

The third type: luring users to fill in mnemonic words.

Fourth type: False Discord.

The entrance of phishing attacks is shown in the following two screenshots. We hope everyone will pay attention to prevention.

4.2 Private Key Security

Private key security is divided into two categories: "project party" and "user".

4.2.1 Security of Project Private Key

The losses caused by the leakage of project private keys are generally very significant. The following figure summarizes several major leakage incidents:

4.2.2 User Private Key Security

1. Phishing website (luring users to fill in mnemonic phrases)

2. Fake App Wallet: Using search engines to forge wallet official websites. Sending emails, posters, etc. to lure users to download fake wallets. Through social engineering, first gain the trust of the victim, and then deceive them into downloading the fake app wallet.

3. Trojan horse: This type of attack is mainly carried out by inviting users to participate in a new game project for internal testing through Discord, under the guise of "providing discounts" and other pretexts, or by sending a program through private chat in the group, which once run on your computer, will scan the files on your computer and then upload files containing keywords such as Wallet to the attacker's server, in order to steal cryptocurrency.

4.3 Security Measures

4.3.1 Wallet Security

Users can take the following four measures to ensure the security of their wallets.

4.3.2 Private Key Security

When storing private keys, ensure the following three points:

1. Do not save private keys using the clipboard.

2. Mnemonic phrases do not use cloud services to store private keys.

3. Be wary of supply chain attacks in mnemonic words.

4.3.3 Phishing Protection

To avoid phishing attacks, there are three measures:

1. Social media cross-information verification.

2. Use anti-phishing plugins.

3. Be cautious when clicking on unknown links.

05 Financial Security

5.1 Rug Pull Scam

Rug Pull scams refer to the malicious behavior of project teams who collect funds after the project launch and then immediately run away. The following image shows the amount of losses caused by monthly Rug Pull scams in 2022.

In 2022, a total of 243 Rug Pull incidents occurred throughout the year, involving a total amount of 425 million US dollars. Among the 243 Rug Pull incidents, 8 projects involved amounts of tens of millions of US dollars or more. The amount of funds involved in 210 projects (approximately 86.4%) that fled was concentrated in the range of several thousand to several hundred thousand US dollars.

The following tips can help you identify Rug Pull scams:

1. Rug Pull projects are mostly unable to pass audits because they need to hide backdoors, which auditing companies can easily detect. Auditing companies will not provide qualified audit reports for such projects.

2. Rug Pull projects often have incomplete social media information. Statistics show that at least half of Rug Pull projects lack complete official websites, Twitter, Telegram, or Discord groups.

3. Project non-standard: plagiarism of other project's whitepapers, grammatical errors, and so on.

4. Hotspot projects, which are basically projects that run away with funds within 3 months after getting involved in the industry.

5.2 Cash Capacity Attack

As the name suggests, attackers need to have a high amount of funds in reserve in order to launch an attack. The following image shows the process of last year's hack on the decentralized trading platform Mango:

5.3 Other Scams:

5.3.1 Insider Trading

Mouse warehouse" is a common folk term in the financial industry, referring to the behavior of suspected insider trading. The basic manifestation is that before the good news comes out, buyers who have access to internal information will buy a large number of tokens at a low price, and then immediately sell them off when the good news is realized.

According to relevant data analysis, a certain encrypted wallet purchased Gnosis coins worth $360,000 in the six days before Binance announced that it would be listed. Four minutes after Binance announced that Gnosis coins would be listed, the wallet began to sell Gnosis coins and made a net profit of approximately $140,000, with a return rate of about 40%. 5.3.2 "Pixiu Plate"."Pixiu" is a mythical creature in ancient Chinese legends. It has a mouth but no anus, and can swallow everything (mostly gold and jewelry) without excreting anything. Therefore, it is used to describe a type of cryptocurrency that can only be bought but not sold.

Original article link

欢迎加入律动 BlockBeats 官方社群：

Telegram 订阅群：https://t.me/theblockbeats

Telegram 交流群：https://t.me/BlockBeats_App

Twitter 官方账号：https://twitter.com/BlockBeatsAsia