├── LICENSE
├── README.md
└── ownership
    ├── README.md
    └── solutions
        └── transferOwner.sol
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 uni
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Best Practices
2 | Lessons learned from smart contract audits.
3 |
4 | ## Basic Coding Bugs
5 | ### Severity: Critical
6 | - Constructor Mismatch: whether the contract name and its constructor name differ.
7 | - Ownership Takeover: whether the transfer ownership function is vulnerable.
8 | - Redundant Fallback Function: whether the contract has a redundant fallback function.
9 | - Overflows and Underflows: whether the contract has general overflow or underflow vulnerabilities.
10 | - Reentrancy: an issue when code can call back into your contract and change state, such as withdrawing ETH.
11 |
12 | ### Severity: High
13 | - Money-Giving Bag: whether the contract returns funds to an arbitrary address.
14 | - Blackhole: whether the contract locks ETH indefinitely, i.e. ETH can go in but there is no way out.
15 |
16 | ### Severity: Medium
17 | - Unauthorized Self-Destruct: whether the contract can be killed by any arbitrary address.
18 | - Revert DoS: whether the contract is vulnerable to a denial-of-service attack because of an unexpected revert.
19 | - Unchecked External Call: whether the contract has any external call without checking the return value.
20 | - Gasless Send: whether the contract is vulnerable to gasless send.
21 | - Send Instead of Transfer: whether the contract uses the send function instead of transfer.
22 | - Costly Loop: whether the contract has any costly loop which may lead to Out-Of-Gas exception.
23 | - (Unsafe) Use of Untrusted Libraries: whether the contract uses any suspicious libraries.
24 | - Transaction Ordering Dependence: whether the final state of the contract depends on the order of the transactions.
25 | - Deprecated Uses: whether the contract uses the deprecated tx.origin to perform authorization.
26 |
27 | ## Additional Recommendations
28 | - Avoid Use of Variadic Byte Array: prefer a fixed-size byte array over byte[], as the latter is a waste of space.
29 | - Make Visibility Level Explicit: assign explicit visibility specifiers for functions and state variables.
30 | - Make Type Inference Explicit: avoid the keyword var to specify the type, i.e. it asks the compiler to deduce the type, which is not safe, especially in a loop.
31 | - Adhere to Function Declaration Strictly: the Solidity compiler (v0.4.23) enforces strict ABI length checks for return data from calls(), which may break the execution if the function implementation does NOT follow its declaration (e.g., no return in implementing transfer() of ERC20 tokens).
32 |
33 |
34 | ## References
35 | - axic. [Enforcing ABI length checks for return data from calls can be breaking](https://github.com/ethereum/solidity/issues/4116)
36 | - MITRE. [CWE-1041: Use of Redundant Code](https://cwe.mitre.org/data/definitions/1041.html)
37 | - MITRE. [CWE-841: Improper Enforcement of Behavioral Workflow](https://cwe.mitre.org/data/definitions/841.html)
38 | - MITRE. [CWE CATEGORY: Bad Coding Practices](https://cwe.mitre.org/data/definitions/1006.html)
39 | - MITRE. [CWE CATEGORY: Business Logic Errors](https://cwe.mitre.org/data/definitions/840.html)
40 | - MITRE. [CWE VIEW: Development Concepts](https://cwe.mitre.org/data/definitions/699.html)
41 | - OWASP. [Risk Rating Methodology](https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology)
42 | - PeckShield. [ALERT: New batchOverflow Bug in Multiple ERC20 Smart Contracts (CVE-2018-10299)](https://www.peckshield.com/2018/04/22/batchOverflow/)
43 | - PeckShield. [New burnOverflow Bug Identified in Multiple ERC20 Smart Contracts (CVE-2018-11239)](https://www.peckshield.com/2018/05/18/burnOverflow/)
44 | - PeckShield. [New multiOverflow Bug Identified in Multiple ERC20 Smart Contracts (CVE-2018-10706)](https://www.peckshield.com/2018/05/10/multiOverflow/)
45 | - PeckShield. [New proxyOverflow Bug in Multiple ERC20 Smart Contracts (CVE-2018-10376)](https://www.peckshield.com/2018/04/25/proxyOverflow/)
46 | - PeckShield. [PeckShield Inc](https://www.peckshield.com)
47 | - PeckShield. [Your Tokens Are Mine: A Suspicious Scam Token in A Top Exchange](https://www.peckshield.com/2018/04/28/transferFlaw/)
48 | - Solidity. [Warnings of Expressions and Control Structures](http://solidity.readthedocs.io/en/develop/control-structures.html)
49 |
--------------------------------------------------------------------------------
/ownership/README.md:
--------------------------------------------------------------------------------
1 | # Unsafe Ownership Transition
2 | ## function: transferOwnership
3 | ### Description
4 | The Owned contract is used for ownership management in a contract. When the contract owner needs to transfer ownership to another address, she can invoke the transferOwnership() function with a newOwner address.
5 | However, the transfer takes effect immediately: if newOwner isn't the exact intended address (e.g. a typo), the contract would be ownerless.
6 | ### Recommendation
7 | Implement a two-step ownership transfer mechanism that enables the new owner to claim the ownership by signing a transaction.
8 |
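The single-step pattern described above is not shown in this repository; the following is an added illustration, not the project's own code. `OwnedSingleStep`, `TypoScenario`, `run` and `mistyped` are hypothetical names, and the contract body is an assumed shape of a typical `Owned` contract.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.0;

// Assumed shape of the single-step Owned contract the description refers to.
contract OwnedSingleStep {
    address public owner;
    event OwnerChanged(address indexed newOwner);

    constructor() { owner = msg.sender; }

    modifier onlyOwner() {
        require(msg.sender == owner, "Owned: caller is not the owner");
        _;
    }

    // Ownership moves immediately; nothing proves that newOwner can sign.
    function transferOwnership(address newOwner) external onlyOwner {
        require(newOwner != address(0), "Owned: Address must not be null");
        owner = newOwner;
        emit OwnerChanged(newOwner);
    }
}

// Constructed scenario: this contract deploys the target, so it is the owner,
// and then passes a mistyped (non-zero) address to transferOwnership().
contract TypoScenario {
    OwnedSingleStep public target = new OwnedSingleStep();

    function run(address mistyped) external returns (bool recovered) {
        // Succeeds: the zero-address check cannot detect a typo.
        target.transferOwnership(mistyped);

        // The previous owner tries to take ownership back; onlyOwner now reverts.
        try target.transferOwnership(address(this)) {
            recovered = true;
        } catch {
            // Always taken unless mistyped == address(this).
            recovered = false;
        }
    }
}
```

With the two-step mechanism, the same typo only sets a candidate that never claims, and the owner can nominate the correct address again.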
--------------------------------------------------------------------------------
/ownership/solutions/transferOwner.sol:
--------------------------------------------------------------------------------
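pragma solidity ^0.7.0;

// owner, candidateOwner, OwnerChanged and onlyOwner are assumed declarations of the Owned contract
contract Owned {
    address public owner;
    address public candidateOwner;

    event OwnerChanged(address indexed newOwner);

    constructor() { owner = msg.sender; }

    modifier onlyOwner() {
        require(msg.sender == owner, "Owned: caller is not the owner");
        _;
    }

    // step 1: current owner nominates a candidate; ownership does not move yet
    function safeTransferOwnership(address newOwner) external onlyOwner
    {
        require(newOwner != address(0), "Owned: Address must not be null");
        require(candidateOwner != newOwner, "Owned: Same candidate owner");
        candidateOwner = newOwner;
    }

    // step 2: new owner claims ownership
    function claimOwner() external
    {
        require(candidateOwner == msg.sender, "Owned: Claim ownership failed");
        owner = candidateOwner;
        emit OwnerChanged(candidateOwner);
    }
}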
--------------------------------------------------------------------------------