This Banner is For Sale !!
Get your ad here for a week in 20$ only and get upto 15k traffic Daily!!!

Find The Bug in this Smart Contract [series] 2024


// SPDX-License-Identifier: MIT
pragma solidity 0.8.18;

/*
 * @writer not-so-secure-dev
 * @title PasswordStore
 * @discover This contract means that you can retailer a personal password that others will not be capable of see. 
 * You may replace your password at any time.
 */
contract PasswordStore {
    error PasswordStore__NotOwner();

    tackle non-public s_owner;
    //this isn't actually non-public 
    //all information onchain is public infomation
    string non-public s_password;

    occasion SetNetPassword();

    constructor() {
        s_owner = msg.sender;
    }

    /*
     * @discover This perform permits solely the proprietor to set a brand new password.
     * @param newPassword The brand new password to set.
     */

    //is it an exterior name 
    //if it's only the proprietor can name it
    //q why is the constructor proprietor not set within the contract?
    //anyone can set the proprietor to be themselves
    //lacking entry management

    perform setPassword(string reminiscence newPassword) exterior {
        s_password = newPassword;
        emit SetNetPassword();
    }

    /*
     * @discover This enables solely the proprietor to retrieve the password.
     * @param newPassword The brand new password to set.
     */
    perform getPassword() exterior view returns (string reminiscence) {
        if (msg.sender != s_owner) {
            revert PasswordStore__NotOwner();
        }
        return s_password;
    }
}
Enter fullscreen mode

Exit fullscreen mode

This can be a good contract I labored on, and I discovered three bugs in it. This tutorial. I shared how I may discover the bugs, the mitigated response to the bugs, and the easiest way to stop bugs. 

Good contracts take a variety of time to edit and discover bugs, largely when it has a variety of traces and inherit from different contracts, it’s arduous to audit and fish out leaks. 

I wrote Prime 9 Hacks in web3, the place I shared a few of the hacks and the way web3 is changing into higher with audits like this. 

Earlier than diving into the audit, you should take note of the next to grasp what the shopper wants and the way finest to arrange your self. 

Scope the information – Perceive what the purchasers need, and guarantee you’re engaged on the precise model so you do not waste your time solely to be informed that is not what you have to be taking a look at. 

Ask Questions – Don’t be scared to ask questions. The good contract builders are finest positioned to elucidate why sure issues are how they’re, “DO NOT ASSUME”. 

Learn the Documentation- Begin from the documentation to grasp what the contract hopes to attain. Learn via the step-by-step evaluation this is able to provide you with a deeper understanding of what needs to be within the codes and what mustn’t. 

Doc your course of from the start, and you need to use a markdown file, feedback, notes, or whiteboard, use no matter to maintain observe of the place you’re so you do not get misplaced, as some codes are fairly prolonged. 

Armed with this step, allow us to have a look at the code above and discover some bugs and the way we will defend this contract from such bugs.



[S-#] Storing the password on-chain makes it seen to anybody and not non-public

Description: All information saved on the chain is seen to anybody even when it explicitly says solely the PasswordStore::s_owner is the one one that may set a password.

The PasswordStore::getpassword perform doesn’t restrict who units passwords to the proprietor of the contracts.

See under for proof of idea.

Influence: Anybody can learn the non-public password, severely breaking the performance of the protocol

Proof of Idea: – First i set my forge init –force to replace my foundry setup

make anvil

make deploy

  • this may get the hash of the password saved in

solid storage [address of the contract][contract PasswordStore 0x5FbDB2315678afecb367f032d93F642f64180aa3] --rpc-url http//127.0.0.1:8545

  • cross phrase saved right here will probably be within the hash

string non-public s_password;

  • it can produce the password of the proprietor

solid parse-bytes32-string [hash value]

You’re going to get the password on the chain.

Really useful Mitigation: I consider passwords shouldn’t be saved this fashion, as it can go away possibilities to anybody selecting via the password; passwords needs to be saved out of the chain, and decrypt hash needs to be applied to encrypt after which decrypt utilizing password hash.



[S-#] No entry management: Anybody can name and alter the password

Description: The PasswordStore::setPassword perform is ready to be an exterior perform; nevertheless, all the focus of the contract is that his perform permits solely the proprietor to set a brand new password.

perform setPassword(string reminiscence newPassword) exterior {
    s_password = newPassword;
        emit SetNetPassword();
    }
Enter fullscreen mode

Exit fullscreen mode

Influence: Anybody can change the password thereby severely limiting the worth of the contract’s supposed utilization

Proof of Idea: Add the next to the Password.t.sol check file

code

perform test_anyone_can_set_password() public {
        string reminiscence expectedPassword = "anyonesPassword";

        // Set the password as a non-owner
        vm.startPrank(tackle(1));
        passwordStore.setPassword(expectedPassword);
        string reminiscence actualPassword = passwordStore.getPassword();
        assertEq(actualPassword, expectedPassword);
    }

Enter fullscreen mode

Exit fullscreen mode

Really useful Mitigation: Add entry management to setPassword perform

if(msg.sender != s_owner){
    revert Passsword__Not_Owner()
}

Enter fullscreen mode

Exit fullscreen mode



[S-#] Parameter doesn’t exist however included

Description: The PasswordStore::getPassowrd perform signature is getPassword whereas the natspec says it ought to embody a string a parameter getPassowrd(string).

Influence: Fallacious, deceptive idea

Really useful Mitigation: Take away the road or appropriate it to satisfy the code construction

- * @param newPassword The brand new password to set.
Enter fullscreen mode

Exit fullscreen mode

The Article was Inspired from tech community site.
Contact us if this is inspired from your article and we will give you credit for it for serving the community.

This Banner is For Sale !!
Get your ad here for a week in 20$ only and get upto 10k Tech related traffic daily !!!

Leave a Reply

Your email address will not be published. Required fields are marked *

Want to Contribute to us or want to have 15k+ Audience read your Article ? Or Just want to make a strong Backlink?