Tactics
sam bacha edited this page Jun 25, 2024
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Use of Unsafe Transfer Methods | T1001 | Use safeTransferFrom for ERC20, ERC721 | Non-revert ERC20, not-safe-transfer | Attackers can exploit the unsafe transfer method in ERC20 and ERC721 tokens, leading to loss of funds. | Always use the safeTransferFrom method to ensure the transfer is successful and prevent potential exploits. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Insecure Library Usage | T2001 | Check tokenAddress when using solmate safeTransfer | Solmate, safeTransferFrom | Incorrect implementation or insufficient checks when using libraries such as solmate for safeTransferFrom can lead to vulnerabilities. | Ensure proper address validation when using library functions to avoid unintended behaviors. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Insufficient External Call Validation | T3001 | Check the success of external call | Return check is non-complete | Attackers may exploit incomplete return checks for external calls to escalate privileges or manipulate contract state. | Implement comprehensive checks for the success of external calls to ensure that all operations have been executed as expected. | GitHub Issue |
Improper Role Authorization | T3002 | Delegation not removed on burn | Burn, delegation, ownerships | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Improper Role Authorization | T3003 | Approver has no ownership, so do not delete from msg.sender | Burn, ownership, delete from msg.sender | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Improper Role Authorization | T3004 | Missing Role-based Access Control | Role-based access missing | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Improper Role Authorization | T3005 | Anyone can initialize a variable restricted to the owner | LastXXX, block.timestamp | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Improper Role Authorization | T3006 | Anybody can get a user’s ETH | Cancel, withdraw, msg.sender | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Improper Role Authorization | T3007 | Users can forfeit other users' rewards | GetReward, epoch, lastIndex, no access control | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Improper Role Authorization | T3008 | Insufficient access control to create market | CreateXXX | Lack of role-based access control allows unauthorized users to perform restricted actions. | Implement role-based access control to restrict access based on user roles. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Reentrancy Attacks | T4001 | Can re-enter from an external call | External call, nonReentrant | Reentrancy attacks occur when an attacker makes a recursive call to the same function, bypassing the intended logic and potentially draining funds. | Use the Checks-Effects-Interactions pattern and nonReentrant modifiers to prevent reentrancy. | GitHub Issue |
Reentrancy Attacks | T4002 | safeMint can re-enter | SafeMint, nonReentrant | Reentrancy attacks occur when an attacker makes a recursive call to the same function, bypassing the intended logic and potentially draining funds. | Use the Checks-Effects-Interactions pattern and nonReentrant modifiers to prevent reentrancy. | GitHub Issue |
Cross Reentrancy | T4003 | Cross Reentrancy | Check, effect, interaction | Attackers may exploit the ability to make recursive calls across different contracts, causing unintended side effects. | Implement robust checks and use patterns like Checks-Effects-Interactions to mitigate risks. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Denial of Service | T5001 | Unbounded Loop | Add arbitrary value to array | Loops without an upper bound can lead to denial of service, causing the contract to become unresponsive. | Ensure loops have proper exit conditions and bounds to avoid unbounded execution. | GitHub Issue |
Denial of Service | T5002 | DoS: can add the arbitrary value to batch transferring function | Transfer, loop | Attackers can exploit unbounded loops in batch transfer functions to cause denial of service. | Implement bounds on loops and ensure proper gas management to prevent DoS attacks. | GitHub Issue |
Denial of Service | T5003 | Denial of Service | Infinite loop | Infinite loops can lead to denial of service, causing the contract to become unresponsive. | Ensure loops have proper exit conditions to avoid infinite execution. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Unauthorized Data Access | T6001 | Exposed Sensitive Information | Sensitive data exposed | Exposing sensitive information such as private keys or user data can lead to unauthorized access. | Mask or encrypt sensitive information and restrict access to it. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Dependency on Vulnerable Libraries | T7001 | OpenZeppelin Dependency | @openzeppelin/ … /( ~4.4.1 ) | Utilizing outdated or vulnerable versions of libraries such as OpenZeppelin can introduce significant security risks. | Regularly update dependencies to the latest versions and monitor for any reported vulnerabilities. | GitHub Issue |
Technique | ID | Title | Condition | Description | Mitigation | Reference |
---|---|---|---|---|---|---|
Use of Incorrect Oracle Results | T8001 | No checked success for Oracle(external |