
A Summary of

What do we mean by “blockchains are trustless”?


While Part 1 of this series focused on high-profile vulnerabilities, this post examines vulnerabilities in smart contracts that have not yet been exploited.

  • Forcing ether to a contract 
    • If the receiving address is a contract, ether sent to it through the self-destruct function arrives without the fallback function getting executed 
    • Mitigation: never use a contract’s balance as a guard 
  • Call to the unknown 
    • In the King of the Ether smart contract, attackers could cause permanent denial of service by claiming leadership 
  • Short address attack 
    • Allows an attacker to abuse the transfer function and withdraw a larger amount of tokens than he is allowed to 
    • Mitigations: throw if has invalid size, exchanges must per
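
The size check named in the short address mitigation, as an added example that is not code from the original post: a Python model of how the EVM reads `transfer(address,uint256)` call data, showing why a payload that is one byte short changes the decoded amount and how a length check rejects it. The function names, the sample address and the "at least 68 bytes" form of the check are assumptions made for this illustration.

```python
# Added illustration (not from the original post): models EVM call-data
# decoding for transfer(address,uint256) and the payload-size guard.
SELECTOR = bytes.fromhex("a9059cbb")   # 4-byte selector of transfer(address,uint256)
EXPECTED_SIZE = 4 + 32 * 2             # selector + two 32-byte argument words

def encode_transfer(addr_hex: str, amount: int) -> bytes:
    """Encode like a client that does NOT validate the address length:
    it prepends 12 zero bytes and appends whatever bytes it was given."""
    addr = bytes.fromhex(addr_hex.removeprefix("0x"))
    return SELECTOR + b"\x00" * 12 + addr + amount.to_bytes(32, "big")

def evm_decode(calldata: bytes) -> tuple[str, int]:
    """Decode as the EVM does: reads past the end of call data yield zeros,
    so a short payload is silently right-padded."""
    padded = calldata.ljust(EXPECTED_SIZE, b"\x00")
    to = padded[4 + 12:4 + 32]                       # low 20 bytes of word 1
    amount = int.from_bytes(padded[36:68], "big")    # word 2
    return "0x" + to.hex(), amount

def has_valid_size(calldata: bytes) -> bool:
    """The guard: the contract throws unless the payload holds the selector
    and both full argument words (assumed form of the check)."""
    return len(calldata) >= EXPECTED_SIZE

# Constructed sample data: an address whose last byte is 0x00.
FULL_ADDR = "0x" + "11" * 19 + "00"
SHORT_ADDR = FULL_ADDR[:-2]            # same address with the trailing byte omitted

if __name__ == "__main__":
    for label, addr in (("full", FULL_ADDR), ("short", SHORT_ADDR)):
        data = encode_transfer(addr, 1000)
        to, amount = evm_decode(data)
        print(f"{label:5} len={len(data)} to={to} amount={amount} "
              f"accepted={has_valid_size(data)}")
```

With the trailing byte missing, the first byte of the amount word is consumed as the end of the address and the amount is shifted left by eight bits, so the size guard is what prevents the inflated value from being processed.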