How secure are smart contracts?

12/17/2020
G DATA Blog

Smart contracts are related to cryptocurrencies and offer more efficiency than usual contracts in certain areas. Meanwhile, they are only as secure as the programmer's best knowledge. Due to bad programming practices, some contain exploitable flaws. So what kind of security risks are there? In this article we look at what smart contracts are, the risks and possible solutions.

What is a smart contract?

A smart contract enforces the negotiation of an agreement without the need of a middle-men, like a lawyer. Settled negotiations (transactions) are stored on the blockchain. The most well-known smart contract platform is Ethereum. Key benefits:

  1. Transparency - The data on the blockchain is available for everyone to see.
  2. Efficiency - No room for (mis-) interpretations or lost documents. "code is law" is a popular expression that describes this behaviour.
  3. Cost reduction - As middle-men are cut-out, the costs are significantly reduced as well.
  4. Security - Cryptography is used to secure transactions and prevents attacks like double spending.

While smart contracts are largely used to transfer cryptocurrencies, they are more and more used to transfer value in general. A few examples:

Security tokens are digital securities that can be bought and sold via smart contracts. For example, the "RVW Token" lets movie enthusiasts easily get a share of the profits generated by the upcoming movie "Roe v. Wade".

No late wage payments: Let's say an employer keeps all the company money inside a smart contract. The contract is programmed to send a specified amount of money to each employee per month. The contract is also programmed to not be able to withdraw all the money available. Employees now have the digital verifiable security, that they will get their money each month without any complications.

Smart contract failures

The DAO hack - The decentralized autonomous organization (DAO) aimed to be a type of investment fund. An anonymous DAO user applied a variant of the reentrancy bug and fraudulently withdrew large amounts of the cryptocurrency Ethereum from that investment fund.

The parity hack - The use of libraries during programming is a common practice. If the code of the library is flawed, the code using the library may be flawed too. An anonymous person gained control over a flawed library and allegedly called the "kill" function, which destroyed the library. At this point in time, lots of wallets containing 513.774 Ether (~154 million USD) in total used this library. After the library was destroyed, the funds were unreachable and hence lost.

"Finding The Greedy, Prodigal, and Suicidal Contracts at Scale" - In a report from 2018, five researchers published that about 34,200 Ethereum smart contracts worth $4.4 million in Ether contain identified flaws. Over the years, Ethereum got more complex, not less. This means that likely there are more vulnerable contracts than ever before.

  • Harvest finance - Harvest finance used an external price feed. The actor made 24$ million by manipulating this feed. For simplicity, we'll be thinking of the external price feed as USD price feed.
  • During deposit, the actor drove up the external USD price feed value, giving the actor more shares of the harvest finance pool (as the USD apparently was worth more). During withdrawal, the actor drew down the external USD price feed value, giving the actor more USD for the shares. During the whole time, the actual USD was worth the same. Harvest finance just got played by using unstable price feeds. The whole attack is outlined in a medium post by harvest finance.

Securing smart contracts

Smart contract security technically works via the same concepts as the security of any software. Coding, testing, insuring. Specialized it security insurances exist and due to the young crypto market, smart contract failure insurance companies only emerge.

Writing secure code: The very first step of a secure application starts from within - The code itself. If the code is not created with best programming practices, it widens the attack surface of a potential attacker. Especially if it's accessible on the internet (like smart contracts). Ethereum knows this and has published guidelines, which assist to create smart contracts securely.

Testing the code: Code tests are another piece of the puzzle. They are essential for secure software. Here, the runtime execution is tested. This can be done on your own, but it's best to consider experienced companies like CertiK.

Insuring the code: This is a quite interesting angle to smart contracts - Smart contract failure insurances. An upcoming solution is Bridgemutual. They could have covered the previously mentioned harvest finance hack, according to their pitchdeck. Insurances are known to be used in various areas like health, automobiles or work. Clients get insured to have a level of safety about their time spent in those areas. With smart contract use rising, smart contract failure insurances may become more important - Especially for companies with larger pockets.

Outlook

The possible use of smart contracts is discovered every day by now. Dhedge enables everyone in the world to become an investment manager. This is partly possible due to the fact, that the smart contracts are using data feeds. The interesting thing about that is that the data feeds could be anything - The Virustotal API or the population count of America. So in theory, there could be a malware investment manager, that specializes on the amount of new malware coming up the next day. And the people could invest in their favorite one!

With that being said, smart contracts remain a relatively new technology. As new technology tends to have flaws, so do smart contracts. Smart contracts are most secure, if the programmer is knowledgeable in this field.

In the end, we see public open source blockchains as net positive, largely because flaws are eliminated faster versus private blockchains.

G DATA Security Lab
Virus-Analyst Team