back to the
play

Back To The Future Of f Soft ftware Security Developing Secure - PowerPoint PPT Presentation

Dec 07, 2022 •233 likes •764 views

Back To The Future Of f Soft ftware Security Developing Secure Smart Contracts Final - OWASP Toronto January 23, 2019 Whoami Jamie Baxter, M. Eng., OSCP, OSCE, CISSP, GPEN Independent Information Security Consultant focusing on

  1. Back To The Future Of f Soft ftware Security Developing Secure Smart Contracts Final - OWASP Toronto January 23, 2019

  2. Whoami • Jamie Baxter, M. Eng., OSCP, OSCE, CISSP, GPEN • Independent Information Security Consultant focusing on security assessments (applications, infrastructures and smart contracts) • Previously worked in aerospace, government and finance sectors • CTF’er , pen-tester, red teamer, appsec

  3. Tonight • What is a Smart Contract? • Ethereum Overview • Smart Contract Introduction • Smart Contract Vulnerabilities • Resources And Capture The Flags

  4. What are Ethereum Smart Contracts? • Def: A Ethereum Smart Contract is a program that defines a general purpose computation which takes place on a blockchain or distributed ledger • Term originally coin by Nick Szabo • The smart contract code facilitates, verifies, and enforces the negotiation or performance of an agreement or transaction. • While self-verifying, self-executing and tamper resistant smart contracts may contain bugs, from programmer errors to flaws in the compiler & toolchain to the platform itself. Source : https://blockchainhub.net/smart-contracts/ https://en.wikipedia.org/wiki/Smart_contract/

  8. Ethereum is a Transaction Based State Machine Transaction (T x ) APPLY World State World State (Transition Function) 𝜏 𝑢 + 1 𝜏 𝑢 A transaction is a single cryptographically-signed instruction

  9. What is a World State ( 𝝉) ? • It is the mapping between addresses and their account state at a given time World State 𝜏 𝑜 Address( 𝛽 1 ) Account State ( 𝜏[𝛽 1 ] n ) Address( 𝛽 2 ) Account State ( 𝜏[𝛽 2 ] n ) Address( 𝛽 3 ) Account State ( 𝜏[𝛽 3 ] n ) SHA-3 Hash (Keccak-256) Code Storage

  10. What’s in an Account? There’s actually two types of accounts Externally Owned Accounts (EOA) Contract Account Account State ( 𝜏[𝛽 2 ] n ) Account State ( 𝜏[𝛽 1 ] n ) Address( 𝛽 2 ) Nonce Address( 𝛽 1 ) Nonce Ether Balance Ether Balance Code Hash Storage Hash Code Storage

  11. A Word on Addresses Externally Owned Account (EOA) Address (A) 𝐵 = 𝐶 96..255 (𝐿𝐹𝐷 𝑄𝑉𝐶𝐿𝐹𝑍 𝑞 𝑠 ) Where 𝑞 𝑠 is the private key Contract Accounts Address (A) 𝐵 = 𝐶 96..255 (𝐿𝐹𝐷 𝑇𝑓𝑜𝑒𝑓𝑠 𝐵𝑒𝑒𝑠𝑓𝑡𝑡, 𝑂𝑝𝑜𝑑𝑓 )

  12. Account Type Summary ry Externally Owned Accounts Contract Accounts • Have a nonce • Have a nonce • Have an Ether balance • Have an Ether balance • Can send transactions • Code hash • Transfers • Code execution is triggered • Messages to Contracts or other EOAs by a transaction • Only EOA can initiate • Can call other contracts transactions

  13. Multiple Transactions are Combined in a Block Block (Bx) Headers Also Cryptographically Signed Transaction (T 1 ) Transaction (T 2 ) Transaction (T 3 ) Transition World State World State Function 𝜏 𝑢 + 1 𝜏 𝑢 Ethereum Virtual Machine EVM

  14. The Sequence of f Blocks and World States Block (Bx) Block (Bx-1) Header Header Transaction (T 1 ) Transaction (T 1 ) Transaction (T 2 ) Transaction (T 2 ) Transaction (T 3 ) Transaction (T 3 ) World State World State World State Transition Transition 𝜏 𝑢 − 1 𝜏 𝑢 𝜏 𝑢 + 1 Function Function …is the Blockchain!

  15. The Transition Function - Ethereum Vir irtual Machine (E (EVM) • Turing complete instruction set 2^8 Op Codes, Fixed Length) • 256-bit word machine • 1024 element stack (of 256 bits each) • 8-Bit opcodes • No registers (purely stack based) • Storage (persistent / per account) • Memory (volatile) • It’s purpose is run EVM Byte Code (aka Smart Contracts)

  17. What are Ethereum Smart Contracts? • Smart Contracts are very similar to classes in C++ or Java • All Smart Contracts are bound to an address and have an ether balance associated with them • Smart Contracts have a constructor (no overloading though) • Solidity supports inheritance and polymorphism • Other objected orientated concepts like visibility (private, public), state variables and interfaces also all apply • Compiled to EVM Bytecode and stored in the world state indexed by code hash • Contracts can be killed (suicide) • Usually written in Solidity. But other languages exist ex: LLL

  18. Life Cycle of f a Smart Contract Transaction to Create • Issued by a EOA or another Smart Contract (contracts can create contracts) Execution Driven by Transactions • Receive transactions (calls, delegate calls) • Perform actions • Functions called from other functions Suicide or “Freeze” Every Contract is stored within the world state.

  19. Contract Execution - Every rything has a Price! • Cost is measured in “GAS” Partial List of GAS costs • The unit price of GAS in Ether is defined by the initiator of the transaction. • Creating a contract costs GAS • All execution steps cost GAS • The more complex the execution the greater the cost • Each transaction is provided a GAS stipend to begin execution • Each block is subject to the GAS limit of 8 million. • Consider an expensive transaction like SSTORE (20000 Gas) means a block can write to store 400 times • Ethereum network can process about 25 transactions per second. Though multiple initiatives are underway to greatly increase that

  20. Dis istributed Applications (dApps) (Sim implif ified) Contract(s) Backend Web Gui Front End

  21. An Example dApp - Cry ryptoKitties! !

  22. A recent Dapp Ranking Source: http://dappradar.com

  23. Tools – A Sampling Tool Descriptions Comments Metamask A Browser Extension for Running Wallet Integration dApps Mist Dedicated Dapp Browser Wallet Integration Ganache Ethereum Personal Blockchain “Ganache is a personal blockchain for (Now you can have a blockchain Ethereum development you can use too!) to deploy contracts, develop your applications, and run tests” Truffle Smart Contract Development Compile and Deploy Smart Contracts Suite Remix IDE Online Geth Ethereum Node Controller (can geth is the the command line join main or multiple test and interface for running a full ethereum special purpose nets) node implemented in Go.

  24. So, , of course, all ll the past le lessons in in software security have been applied and Smart Contracts are now bug bug free … Thanks for coming out!

  26. Every rything old is new again! • Integer Underflow / Overflow (SWC-101) • Unprotected Sensitive Functions (Self-Destruct) (SWC-106) • Exposed Private Data • Bad Randomness (SWC-120) • Re-Entrancy (SWC-107) • Unsafe Authorization (SWC-115) • Unsafe Contract Constructors (SWC-115) • Out-Of-Bounds Write-Anywhere (SWC-124) • Unprotected Withdrawal There are currently 29 weakness patterns identified in Smart Contracts: Source: https://en.wikipedia.org/wiki/Integer_overflow

  27. Integer Overflows have been with us…for a long , , long time! Source: https://en.wikipedia.org/wiki/Integer_overflow

  28. In Integer Overflow (S (Simple) - (S (SWC-101) Execution Run #1 pragma solidity ^0.4.24; balance = 1 add(100) balance = 101 contract OverflowAdd { uint256 private balance = 1; Execution Run #2 function add(uint256 deposit) public { balance = 2^256 balance = balance + deposit; add(1) } balance = 0 Source: https://smartcontractsecurity.github.io/SWC-registry/docs/SWC-101

  29. In Integer Overflow (S (Simple) - (S (SWC-101) pragma solidity ^0.4.24; Execution Run #1 Balance = 1 contract Overflow_Add { AddSafe(100) uint256 private Balance = 1; balance = 101 function AddSafe(uint256 deposit) public { uint256 newBalance = balance + deposit; Execution Run #2 require(newBalance >= deposit, “OVERFLOW DETECTED”); Balance = 2^256 AddSafe(1) balance += deposit; Balance = 0 ‘ Exception Thrown } } Source: https://smartcontractsecurity.github.io/SWC-registry/docs/SWC-101

  30. In Integer Overflow (M (More Complex) - (S (SWC-101) pragma solidity ^0.4.5; contract MegaTokenBank{ Problem: mapping(address => uint256) public Ledger; Arithmetic Results in Integer Overflow uint256 constant PRICE_PER_TOKEN = 10000; function MegaTokenBank(address _player) public payable { Solution require(msg.value == 1); Ensure sanity checks are applied after arithmetic } Consider a library like SafeMath function buy(uint256 numTokens) public payable { require(msg.value == numTokens * PRICE_PER_TOKEN); (Source: https://github.com/OpenZeppelin/openzeppelin- solidity/tree/master/contracts/math) Ledger[msg.sender] += numTokens; } function sell(uint256 numTokens) public { require(balanceOf[msg.sender] >= numTokens); Ledger[msg.sender] -= numTokens; msg.sender.transfer(numTokens * PRICE_PER_TOKEN); Source: https://smartcontractsecurity.github.io/SWC- } } registry/docs/SWC-101

  31. Exposed Private Data There are no secrets on the blockchain pragma solidity ^0.4.5; Problem: contract SecretHolder { The World State is stored in each synced uint256 constant MySecretValue= node. 0xABCDEF1010; Hence your secret value is available by function GetSecret() public manual inspection payable { require(msg.sender = owner); } }

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

PREVENTION OF LOW BACK PAIN : Back Education for Workplace and Home PRESENTED AT BODIJA-ASHI

PREVENTION OF LOW BACK PAIN : Back Education for Workplace and Home PRESENTED AT BODIJA-ASHI

PREVENTION OF LOW BACK PAIN : Back Education for Workplace and Home PRESENTED AT BODIJA-ASHI BAPTIST CHURCH, IBADAN MARCH 10, 2013 Ibidunni Alonge Olumide Dada WHY LOW BACK PAIN? 2 Knee Back Neck WHAT IS LOW BACK PAIN? 3 Low back

1.56k views • 61 slides
Back-Up Servicing www.1stservicing.com Back-Up Servicing A back-up servicer is a service

Back-Up Servicing www.1stservicing.com Back-Up Servicing A back-up servicer is a service

Back-Up Servicing www.1stservicing.com Back-Up Servicing A back-up servicer is a service provider who agrees to take over the servicing of a portfolio of assets on the occurrence of certain trigger events, most commonly failure of the

829 views • 5 slides
to get back on track It took a while but now I have taken back control. Im trying new things,

to get back on track It took a while but now I have taken back control. Im trying new things,

Making it easier to get back on track It took a while but now I have taken back control. Im trying new things, pushing my limits again. Alessia Leading intimate healthcare Coloplast Earnings Conference Call Q1 2019/20 February 6 th , 2020

465 views • 8 slides
THE BACK THE MUSCLES THE MUSCLES OF THE BACK THE MUSCLES OF THE BACK Muscles of the back are

THE BACK THE MUSCLES THE MUSCLES OF THE BACK THE MUSCLES OF THE BACK Muscles of the back are

THE BACK THE MUSCLES THE MUSCLES OF THE BACK THE MUSCLES OF THE BACK Muscles of the back are organized into superficial , intermediate , and deep groups . extrinsic muscles and intrinsic muscles Muscles in the superficial and intermediate groups

482 views • 37 slides
Back-to-School Outreach Strategies Agenda Back-to-School Outreach Why Back-to-School?

Back-to-School Outreach Strategies Agenda Back-to-School Outreach Why Back-to-School?

Back-to-School Outreach Strategies Agenda Back-to-School Outreach Why Back-to-School? What you can do Partner Spotlight, INOVA Hospital Bringing it all together 2 Be Part of the Conversation Do you have tried and

373 views • 24 slides
S chool Rove r BACK ON TRACK IS BACK So if you are lucky This term saw the return of Back on

S chool Rove r BACK ON TRACK IS BACK So if you are lucky This term saw the return of Back on

Issue 8, May 21 2010 As we express our gratitude, we must never forget that the highest appreciation is not to utter words, but to live by them. J.F. Kennedy ACN 063049669 Maher Road, P. O. Box 771, Gordonvale,

744 views • 8 slides
Back To Work Back To Work Back To Work Back To Work Q2 F2008 Results 31 January 2008 y

Back To Work Back To Work Back To Work Back To Work Q2 F2008 Results 31 January 2008 y

Back To Work Back To Work Back To Work Back To Work Q2 F2008 Results 31 January 2008 y Forward Looking & Cautionary Statements Forward Looking & Cautionary Statements This document and any materials distributed in connection with

774 views • 56 slides
D62 Back to School July 20, 2020 Goals: D62 Back to School Continue to monitor state and

D62 Back to School July 20, 2020 Goals: D62 Back to School Continue to monitor state and

D62 Back to School July 20, 2020 Goals: D62 Back to School Continue to monitor state and federal guidelines Prioritize health and safety Ensure a smooth transition back to in-person schooling Prepare for multiple scenarios

730 views • 36 slides
Welcome back. Turn in homework! I am away April 15-20. Midterm out when I get back. Few days

Welcome back. Turn in homework! I am away April 15-20. Midterm out when I get back. Few days

Welcome back. Turn in homework! I am away April 15-20. Midterm out when I get back. Few days and take home. Shiftable. Have handle on projects before that. Progress report due Monday. Example Problem: clustering. Points: documents, dna,

515 views • 19 slides
part 4 May, 2012 Dr. Belal Gharaibeh 1 The Back Low back disorders (LBD) have been

part 4 May, 2012 Dr. Belal Gharaibeh 1 The Back Low back disorders (LBD) have been

Biomechanics analysis part 4 May, 2012 Dr. Belal Gharaibeh 1 The Back Low back disorders (LBD) have been identified as one of the most common and significant musculoskeletal problems that results in substantial amounts of morbidity,

510 views • 14 slides
Transitioning Back to Campus A Discussion for Supervisors Welcome Back! We are glad you are

Transitioning Back to Campus A Discussion for Supervisors Welcome Back! We are glad you are

Transitioning Back to Campus A Discussion for Supervisors Welcome Back! We are glad you are here. We want you to be safe. Safety First Flatten the Curve Daily Symptom Self Checking Use Face Coverings (available @ Parking Services

163 views • 13 slides
Back to the future : the Back and Forth Nudging algorithm Conference on Applied Inverse

Back to the future : the Back and Forth Nudging algorithm Conference on Applied Inverse

Didier Auroux Mathematics Institute of Toulouse, France Near future : University of Nice auroux@math.univ-toulouse.fr auroux@unice.fr Work in collaboration with : J. Blum (U. Nice), M. Nodet (U. Grenoble) Back to the future : the Back and

429 views • 30 slides
Disability Claims Process Personal support through each step to get back to health, back to work

Disability Claims Process Personal support through each step to get back to health, back to work

Disability Claims Process Personal support through each step to get back to health, back to work and back to life. Start to Finish our Focus is on the employee Back to health, back to work and back to life with support at every step Our

220 views • 17 slides
BACK IN TIME: BACK IN TIME: WHAT WOULD YOU DO? WHAT WOULD YOU DO? Gro Group 1: up 1: You are

BACK IN TIME: BACK IN TIME: WHAT WOULD YOU DO? WHAT WOULD YOU DO? Gro Group 1: up 1: You are

BACK IN TIME: BACK IN TIME: WHAT WOULD YOU DO? WHAT WOULD YOU DO? Gro Group 1: up 1: You are a group of people split equally between males and females that mostly descend from a common, recent, ancestor (great-great grandfather,

617 views • 13 slides
Smart Back Brace for Scoliosis Silver B Product Vision Traditional Smart Back Scoliosis

Smart Back Brace for Scoliosis Silver B Product Vision Traditional Smart Back Scoliosis

Smart Back Brace for Scoliosis Silver B Product Vision Traditional Smart Back Scoliosis Brace Back Brace Improve compliance Prevent corrective surgeries Tighten automatically during sleep Standardize back brace tightness

369 views • 7 slides
Express-Node Back-end Building a simple back-end application with Express, Node, and MongoDB

Express-Node Back-end Building a simple back-end application with Express, Node, and MongoDB

Express-Node Back-end Building a simple back-end application with Express, Node, and MongoDB Need for back-end Back-end will connect to a DB, get some results, and do some processing with those results Back-end will save data to the DB

360 views • 17 slides
Decompilation Ximing Yu May 3, 2011 Decompiler Definition Decompiler is a program that attempts

Decompilation Ximing Yu May 3, 2011 Decompiler Definition Decompiler is a program that attempts

Decompilation Ximing Yu May 3, 2011 Decompiler Definition Decompiler is a program that attempts to perform the inverse process of the compiler. Given an executable program compiled in any high-level language, the aim is to produce a high-level

803 views • 25 slides
Lattice Gaussian Sampling with Markov Chain Monte Carlo (MCMC) Cong Ling Imperial College London

Lattice Gaussian Sampling with Markov Chain Monte Carlo (MCMC) Cong Ling Imperial College London

Lattice Gaussian Sampling with Markov Chain Monte Carlo (MCMC) Cong Ling Imperial College London aaa joint work with Zheng Wang (Huawei Technologies Shanghai) aaa September 20, 2016 Cong Ling (ICL) MCMC September 20, 2016 1 / 23 Outline

269 views • 23 slides
Interoperability Now! A pragmatic Approach to Interoperability in Language Technology Sven C.

Interoperability Now! A pragmatic Approach to Interoperability in Language Technology Sven C.

Interoperability Now! A pragmatic Approach to Interoperability in Language Technology Sven C. Andr Founder and CEO of ONTRAM Inc./Andr AG Based on a Collaboration Effort with Kilgray, Welocalize, Medtronic and Bioloom W3C Multilingual

506 views • 24 slides
Providing Flexible Consistency Levels with Manhattan at Twitter Boaz Avital @bx BOAZ AVITAL

Providing Flexible Consistency Levels with Manhattan at Twitter Boaz Avital @bx BOAZ AVITAL

Providing Flexible Consistency Levels with Manhattan at Twitter Boaz Avital @bx BOAZ AVITAL Tech Lead, Core Storage @bx M A N H AT TA N USING MANHATTAN Self service creation of applications and datasets Large multitenant clusters

933 views • 44 slides
Spatiotemporal trade-off for quasi-uniform sampling of evolving signals Jacqueline Davis joint

Spatiotemporal trade-off for quasi-uniform sampling of evolving signals Jacqueline Davis joint

Spatiotemporal trade-off for quasi-uniform sampling of evolving signals Jacqueline Davis joint work with Akram Aldroubi and Ilya Krishtal Vanderbilt University Department of Mathematics September 9, 2014 B(Bx) ? Bx x x The General

322 views • 16 slides
r r t srt rt

r r t srt rt

r r t srt rt r r t s rs Prr

491 views • 21 slides
ECS 231 Gradient descent methods for solving large scale eigenvalue problems 1 / 17 Generalized

ECS 231 Gradient descent methods for solving large scale eigenvalue problems 1 / 17 Generalized

ECS 231 Gradient descent methods for solving large scale eigenvalue problems 1 / 17 Generalized symmetric definite eigenvalue problem Generalized symmetric definite eigenvalue problem Au = Bu where A and B are n n symmetric, and B

207 views • 17 slides
GMS Overview for Financial Points of Contact (FPOC) OCFO Financial Sponsored by Management

GMS Overview for Financial Points of Contact (FPOC) OCFO Financial Sponsored by Management

GMS External Training GMS Overview for Financial Points of Contact (FPOC) OCFO Financial Sponsored by Management Training The Office of Audit, Assessment, and Management Seminar (FMTS) Grants Management Division Session Agenda What is

1.07k views • 65 slides

More recommend