Here is the written transcription of the video:
Ish Goel: Hey guys, my name is Ish Goel and this is the third episode of our All About Smart Contracts podcast. In this video, we are going to talk about the Denial of Service attack on Smart Contracts, and I’ve once again got Nitika along with me, who will be speaking about the Denial of Service attack in this video. Welcome, Nitika, to this episode.
Nitika Goel: Thank you! I’m very excited.
Ish Goel: So Nitika, as far as I understand, from a Denial of Service perspective, and that too in relation to Smart Contracts, I understand that even if you write the business logic in a Smart Contract which imitates your business requirements, there are certain scenarios when even the best of the Smart Contracts are denied of service. So, I mean, this is very hard to judge, right? How do you identify DoS attacks on Smart Contracts? How many types of DoS attacks are there? I mean, how do you basically understand whether it’s a DoS attack or not? So, it would be great to hear from you. So, the first question is, how many types of DoS attacks are there?
Nitika Goel: So typically, like, we talk about three kinds of DoS attacks. So, one of them would be an Unexpected Revert, where you were not expecting a transaction to revert, but it is reverting. The second would be something related to Block Gas Limits. So, Ethereum has a Block Gas Limit, wherein, like, a maximum gas of XYZ, whatever is running on the Blockchain, that’s the maximum amount of complexity that you can pass in a single transaction.
If your transaction crosses or exceeds that gas limit, the transaction will not go through. And the third is Block Stuffing, which is not done by one person. It is an attack, like it’s an indirect attack, I would say. So, I think we can go step wise into…
Ish Goel: Let’s do that. So, the first one, the Unexpected Revert, that’s what it is, right? So can you explain what that means and what it entails?
Nitika Goel: Okay, so let’s imagine somebody is building an auction for arts and people come in and they bid; the person who bids the maximum amount, the art goes to that person.
Ish Goel: It’s like a standard auction.
Nitika Goel: So, think about a Smart Contract written in this way. You come and you place a bid. I seal your name as the highest bidder. Somebody else comes and he places a bid more than you and I revert your money and then I place his name as the maximum, the highest bidder.
Ish Goel: So, there is a piece of art, which is, let’s say tokenized, and then, that smart contract is expecting people to come and place their bids.
So, there are multiple people placing their bids, one person comes and says that I am bidding for $10, the other person says I’m bidding for $20 so technically the smart contract is going to revert back the $10 transaction and expect that the maximum bid right now is at $20.
Nitika Goel: This looks logically fair, but now, if an attacker actually wants to come and attack the system, what he would do is, instead of placing a bid via his standard and individual Ethereum address, like a MetaMask address, he would create a smart contract and place the bid via the Smart Contract.
Ish Goel: Okay, so it’s like a contract placing a bid, on the other contract instead of an individual Ethereum address.
Nitika Goel: Now, if this Smart Contract reverts a transaction in its fallback function. So a Fallback Function is typically the function which is called when you send money to that contract. So whenever I send, say, XYZ amount of Ether to this contract, by default, the fallback function is called.
So, if we go back to the example that we were just talking about, somebody with this contract, malicious contract, places a bid say for $11. And now a genuine user comes and he wants to bid for $12. So, I accept the $12 and I want to revert the money. I want to send back the money, the $11 to the Smart Contract.
Ish Goel: So, let’s put some names to this, right? Let’s say person A hits these contracts with a bid of $11. Yes, but this has been done using a smart contract,
Nitika Goel: A malicious Smart Contract,
Ish Goel: Person B comes and then he bids for $12. So technically $11 should be reverted and $12 should be accepted as the maximum bid.
Nitika Goel: All of this is happening in a single transaction. So, I’m receiving the $12 and I’m trying to pay back the $11 person whatever was due. Now, since I’m trying to pay back the $11 but this is done by a Smart Contract, which refuses to accept any Ether…
Ish Goel: Because of the fallback function of the malicious Smart Contract.
Nitika Goel: So, I’m unable to proceed with this transaction. So, the person will not be able to place a bid and the auction goes to this Malicious Smart Contract.
Ish Goel: So, the $12 guy, the person B, his bid is always unsuccessful because our Smart Contract is unable to accept that bid, because we are unable to revert back the $11 to the Malicious Smart Contracts.
Okay, so, what is it called?
Nitika Goel: This is called an Unexpected Denial of Service Attack.
Ish Goel: So, this is a massive issue. I mean, despite writing all kinds of functionalities in your Smart Contracts, which are imitating your business requirements, there is still a scenario that a different type of a user, which is not an individual Ethereum address but another malicious Smart Contract, can actually play with your system and not allow you to complete the entire algo which you’ve written.
I think we move on to the next Denial of Service attack. So, what’s the next one? And if you want to talk about it.
Nitika Goel: So, like I explained earlier, Ethereum has a Block Gas Limit. So basically, the maximum amount of gas that can go through in a single block, now assuming, there’s only one transaction in the block, which is like really rare.
But even if that is the case, there is a limit of gas that your transaction can actually take. Right? So now, the more complexity, the more computation that your transaction has, the higher is the gas that is required. So, there are chances where some heavy computation can actually result in your transactions going out of gas. So, I’ll give you an example. Let’s say we have a process of auto liquidation of loans, maybe,
Ish Goel: Which is a very common thing in Stable Coins specifically,
Nitika Goel: Right, in all loans and most DeFi applications, there is a concept where you have to process a lot of records. So let’s say the logic is written in such a way that I get the Ethereum versus USD price, and I see, I go through all my loans and I try to see how many loans are actually under collateralized and I try to auto liquidate them. Now, if I try to do this in a single transaction, this will result in the transaction going out of the Block Gas Limits, if I process a lot of loans in a single transaction.
Ish Goel: Any complex computation, like auto liquidation of loans, is complex, right? But auto liquidation might be a single transaction,
Nitika Goel: but if I write it in a way that, you know, I’ve tried to process a lot of, I have unbounded arrays, I want to go through all my active loans, or maybe, like, you know, when I have to give rewards. So, for example, I am trying to see that this reward distribution has to be done in a single transaction. This may lead to Block Gas Limits. So, whenever I am processing unbounded arrays, whenever I’m trying to do something large in number, in those cases there are chances that the Block Gas Limit might be breached.
Ish Goel: Denial of service because the transaction is unable to complete itself, but this time, it’s not somebody malicious coming in and playing with your contract. It’s the limitation of the underlying infrastructure.
Nitika Goel: So that is why these attacks are simpler to catch.
Ish Goel: The first one sounds more complex.
Nitika Goel: But at the same time, there are times when, you know, a more practical approach, a roundabout approach, is very difficult to identify. So, you know, it’s very easy, let’s say you just distribute the rewards instead of, you know, you calculate the rewards and then you distribute them back. There are times when it’s difficult to go around the bush.
Ish Goel: Okay, so I think this takes us to the third kind of denial of service, which is Block Stuffing. So, let’s talk about that.
Nitika Goel: So, in this attack, I place a transaction and then I block the entire Ethereum network with a lot of transactions so that nobody else can participate in the Smart Contract.
So, this actually happened with Fomo3D. So Fomo3D is a gambling kind of app, and it’s built in such a way that whoever possesses the last key is the kind of winner in this application. So, whenever I pass a transaction, a timer restarts, and if there are no more transactions within that time period, I am the winner. So, the attacker comes…
Ish Goel: And he stuffed it with so many transactions that nobody else can actually come in. I see.
Nitika Goel: This is what actually happens. I got the key, and then I stuffed seven blocks.
Ish Goel: Not you I hope…
Nitika Goel: Yeah, of course. Not me. So the attacker, he got the key and then stuffed seven consecutive blocks with loads and loads of transactions, which were very heavy, and paid a very good gas price. The miners don’t see anything but the gas price. So, his transactions were going through and no other transaction could actually make it.
This is generally happening in applications where you have time limitations to react to a situation and people try to just phase away that time.
Ish Goel: Okay, great. So, I think as a summary we’ve spoken about three Denial of Service attacks. First is an Unexpected Revert, second is a Block Gas Limit, and the third one being Block Stuffing. So, with respect to Smart Contracts, these three types of Denial of Service attacks impact the execution of the Smart Contract in the way it should execute…
Nitika Goel: …and denies other users to participate.
Ish Goel: …and denies somebody else to actually participate. This is great. Thank you so much, Nitika, for explaining the denial of service attack.
So, guys, that’s it from our episode three of the all about smart contracts podcast series. If you liked watching the video, please don’t forget to subscribe to our channel and also share your thoughts and comments.
We are always there to talk about anything Blockchain and specifically Audits. Thank you so much for watching it and stay tuned for more. Thank you.
Nitika Goel: Thank you.