Ethereum Smart contract and dApp developer Level K has uncovered the existence of a vulnerability within the Ethereum framework that potentially allows bad actors to mint large amounts of GasToken when receiving ETH.
In a blogpost published on November 21, the company revealed that the weakness has been flagged to most at-risk exchanges who have since effected software patches to contain the threat.
Potential GasToken Security Weakness
The vulnerability arises when ETH is sent to an address, which is then able to carry out arbitrary computations that the transaction originator pays for, which comes with a risk of ‘griefing’ – an action by a bad-faith actor designed to cause damage to network users. In theory, an attacker would be able to make a transaction originator such as an exchange pay for an arbitrary amount of computation if the exchange has no protections like gas limits in place.
By minting vast amounts of GasToken while receiving ETH, it would thus be possible at least in theory for such a griefing attack to become profitable to a bad actor.
What is more, the risk is not limited to ETH, but also includes all Ethereum-based tokens such as those built on ERC-721 and ERC-20 standards. In the course of carrying out contract calls to effect transfers, exchanges that do not set a gas limit for transactions with these tokens can end up paying for vast amounts of computation and suffering similar fate.
An excerpt from material published by Level K explaining the threat using a hypothetical case study reads as follows:
“In the simplest exploit scenario, Alice runs an exchange, which Bob wants to harm. Bob can initiate withdrawals to a contract address he controls with a computationally intensive fallback function. If Alice has neglected to set a reasonable gas limit, she will pay transaction fees out of her hot wallet. Given enough transactions, Bob can drain Alice’s funds. If Alice fails to enforce Know Your Customer (KYC) policies, Bob can create numerous accounts to circumvent single-account withdrawal limits. In addition, if Bob also wants to make a profit, he can mint GasToken in his fallback function, and make money while causing Alice’s wallet to drain.”
According to Level K, exchanges potentially affected by the vulnerability were notified privately on November 13, and because it was not possible to say exactly which ones had no protections in place, this notification was sent to as many exchanges as possible, all of whom have now implemented patches to fix the problem.
Level K has also published further information and a complete rundown of the threat and the actions taken to contain it here.