parity多签名合约漏洞分析

菠菜philsong 发布在 技术指南 1 1194

昨晚出事后看了安全公告:https://paritytech.io/blog/security-alert.html

分析合约代码后:https://etherscan.io/address/0x863df6bfa4469f3ead0be8f9f2aae51c91a907b4#code

Computer security

发现漏洞由如下代码段引起:

  // constructor - just pass on the owner array to the multiowned and
  // the limit to daylimit
  function initWallet(address[] _owners, uint _required, uint _daylimit) only_uninitialized {
    initDaylimit(_daylimit);
    initMultiowned(_owners, _required);
  }

  // constructor is given number of sigs required to do protected "onlymanyowners" transactions
  // as well as the selection of addresses capable of confirming them.
  function initMultiowned(address[] _owners, uint _required) only_uninitialized {
    m_numOwners = _owners.length + 1;
    m_owners[1] = uint(msg.sender);
    m_ownerIndex[uint(msg.sender)] = 1;
    for (uint i = 0; i < _owners.length; ++i)
    {
      m_owners[2 + i] = uint(_owners[i]);
      m_ownerIndex[uint(_owners[i])] = 2 + i;
    }
    m_required = _required;
  }

这个函数假定创建者会调用initWallet函数,但是initWallet根本没有任何鉴权,任何人都可以成为owner,然后就可以调用kill函数杀死合约自身。

  // kills the contract sending everything to `_to`.
  function kill(address _to) onlymanyowners(sha3(msg.data)) external {
    suicide(_to);
  }

自杀之后,唯一可以用的函数只有

  // gets called when no other function matches
  function() payable {
    // just being sent some cash?
    if (msg.value > 0)
      Deposit(msg.sender, msg.value);
  }

parity是我现在用的eth客户端,速度快,体验好,然而安全问题是0容忍的,出现安全事故也是挺震惊的。



作者:菠菜philsong
原文载于:http://www.jianshu.com/p/8b13024bc430
版权声明: by nc" sa 作者保留权利。文章为作者独立观点,不代表巴比特立场。

评论:1

您需要登录后才可以回复 登录|注册
    Author Image
    以太坊 12 天前

    安全的智能坊却没什么动静

    +1
    +1
    我要点评