Public Smart Contract Audit: Next Earth, part 1.

Overview

The Next Earth project requested a smart contract code security audit.

Start date of the audit: 2021.07.06.

Report date: 2021.07.07.

Project website: https://nextearth.io/

Platform: Solidity / Ethereum

Audited commit: 4bac0998cac7e19a3a5370c997551ba71bb82d57

Smart contracts in scope:

  • NFT.sol
  • Payment.sol
  • Presale.sol
  • PriceFeed.sol

Imported smart contracts:

  • @chainlink/contracts/src/v0.6/interfaces/AggregatorV3Interface.sol
  • @openzeppelin/contracts/access/AccessControl.sol
  • @openzeppelin/contracts/access/Ownable.sol
  • @openzeppelin/contracts/security/Pausable.sol
  • @openzeppelin/contracts/token/ERC721/ERC721.sol
  • @openzeppelin/contracts/token/ERC721/extensions/ERC721Burnable.sol
  • @openzeppelin/contracts/token/ERC721/extensions/ERC721Enumerable.sol
  • @openzeppelin/contracts/utils/cryptography/ECDSA.sol

Overall result: pass

Auditor: six ~ PGP 450F 4AC8 0BD8

Objective and methodology

The objective of the security assessment is to gain insight into the security of the smart contracts listed in the scope.

Code review main check items:

  • Line-by-line audit
  • Business logic
  • Data consistency
  • Coding style violations
  • Gas usage
  • Reentrancy

Automated tools:

Further documents incorporated in the methodology:

Audit results

Critical severity

No critical severity issues have been found during the manual code review or by using automated tools.

High severity

No high severity issues have been found during the manual code review or by using automated tools.

Medium severity

No medium severity issues have been found during the manual code review or by using automated tools.

Low severity

Presale.sol | Creation of unintended packs in setPackPrice()

Description and impact

Line 61 specifies that pack types range from 1 to 5, but the setPackPrice function at line 120 accepts zero or any positive number up to 2**32-1 for _type and up to 2**256-1 for price.

One might also expect an integer overflow here, but from Solidity compiler version 0.8.0 onward, overflowing transactions are reverted automatically.

This vulnerability allows the creation of packages contrary to the intended logic of the project.

This is only a low severity vulnerability because onlyOwner is used, so it can’t be exploited by others.

Line 61:

    require(packType >= 1 && packType <= 5, "invalid pack type"); // we have 5 pack types from 1 to 5

Line 120:

    function setPackPrice(uint32 _type, uint256 price) external onlyOwner {
        packPrices[_type] = price;
    }

Proposed solution

You could use a require statement checking the type (and preferably the price too) before setting the price for a pack.
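
One way to apply the proposed check, as an added example rather than code from the audited Presale.sol. The names MIN_PACK_TYPE, MAX_PACK_TYPE, MAX_PACK_PRICE, PackPriceSet and setPackPriceUnchecked, the 100 ether ceiling, and the inline onlyOwner stand-in for OpenZeppelin’s Ownable are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added example, not the audited contract. Only setPackPrice, packPrices,
/// _type, price and the 1..5 range come from the audit report.
contract PackPriceExample {
    // Same bounds as the purchase-side check quoted from line 61.
    uint32 public constant MIN_PACK_TYPE = 1;
    uint32 public constant MAX_PACK_TYPE = 5;
    // Assumed sanity ceiling; the real limit is a business decision.
    uint256 public constant MAX_PACK_PRICE = 100 ether;

    address public immutable owner;
    mapping(uint32 => uint256) public packPrices;

    // Emitted on every change so off-chain monitoring can spot a bad price.
    event PackPriceSet(uint32 indexed packType, uint256 oldPrice, uint256 newPrice);

    // Minimal stand-in for OpenZeppelin's Ownable, to keep the file self-contained.
    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Behaviour as reported: any _type in 0..2**32-1 and any price are stored,
    // so entries for pack types outside 1..5 can be created.
    function setPackPriceUnchecked(uint32 _type, uint256 price) external onlyOwner {
        packPrices[_type] = price;
    }

    // Hardened form: the setter enforces the same invariant as the buyer path,
    // and rejects a zero or absurdly large price caused by an operator typo.
    function setPackPrice(uint32 _type, uint256 price) external onlyOwner {
        require(_type >= MIN_PACK_TYPE && _type <= MAX_PACK_TYPE, "invalid pack type");
        require(price > 0 && price <= MAX_PACK_PRICE, "invalid price");

        uint256 oldPrice = packPrices[_type];
        packPrices[_type] = price;
        emit PackPriceSet(_type, oldPrice, price);
    }
}
```

Sharing the bounds as constants keeps the setter and the purchase check from drifting apart if the number of pack types changes.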

Presale.sol | Unused code, todo, typo

Description

Payment.sol, line 36.

// TODO can we do this pull over push?

Presale.sol, line 88.

// uint256 contractShare = msg.value - charityShare - comissionShare; // not used, need to remove it

NFT.sol, line 42.

// happens against a signle single user…

Presale.sol, multiple lines:

“comissionCode” → “commissionCode”

Proposed solution

Update the mentioned points.

NFT.sol | Minting functions can go above gas limit

Description

The issue was acknowledged by the project before the audit.

The function safeMint() from line 35 and the function safeMintTo() from line 49 can go above the gas limit if tokenIds.length becomes too big.

Proposed solution

Implement limits, don’t let users break themselves.

Lack of README file

Description

The project does not have a README file or documentation.

Proposed solution

Provide clear documentation and use more comments.

Lack of comments regarding functionality

Description

The smart contracts have comments at some critical points, but not about the functions or general code logic.

It is also recommended to add NatSpec to the code.

Proposed solution

Follow the Solidity Coding style guide.

https://docs.soliditylang.org/en/latest/style-guide.html

Contact

Awalcon – six

Website: https://awalcon.org/

E-mail: six@awalcon.org

Telegram/Signal: +36 20 256 4090

Git: https://git.hsbp.org/six

PGP: B1F7 B1D6 8838 98B4 2212 1D90 CA71 D1E4 078E 99C5

CCTF 5 Writeups – Part 1.

RTFM (50 points)

As is the case with all CCTF editions, there’s a quasi-challenge that points people in the direction of the manual, and which is supposed to give an initial feel for how the search for a so-called flag goes. The accepted solution was one of the example flags shown in the manual.

Author: SI

unk (80 points)

A real, entry-level challenge. A file (named “unk”) was presented. It appears to be a damaged Microsoft Word document. A Word document is actually a Zip archive containing things like XML and thumbnail image files. Different Zip implementations work differently on damaged archives; e.g. GNU Zip was able to extract the damaged Zip archive to a sufficient extent. The flag was in the thumbnail image. — Sometimes thumbnails are not in sync with the working text of the document, and may contain sensitive data: snapshots of rendered text that was deleted.

Author: SI

CryptoFriend (80 points)

Another entry-level challenge. A file was presented under the name “a_friend.zip”. This was also an invalid Zip archive.

tl;dr: the file turned out to be a concatenation of a Zip archive and a PNG image, where the latter contained the flag. But on to the goose chase leading to this discovery:

E.g. FreeBSD’s Zip implementation extracted a single “a friend.docx” file. This file was a valid Word document which read “i hid my location, come help me”. OK, let’s do this.

No, the thumbnail didn’t contain a flag. According to metadata in the document, the document was prepared by Kevin Chung on 2017-09-11. Let’s find this guy. Searching the internet for his contact information, cryptocurrency addresses, etc, but most importantly, flags, it came to light that he’s behind CTFd, the web application powering the CCTF contest’s portal — the plot thickened. He also runs a blog. One of his blog posts, dated closest to 2017-09-11, really contains a string of the form “FLAG{…}”. Tough luck: wrong answer. In fact, Kevin Chung appeared the same way in the “unk” challenge. So this was a witch hunt.

One other thing was eye-poking: potentially subliminal data in the Word document’s XML attributes, e.g. “paraId="3B2827CE"” — is there real content embedded in these IDs, or is this totally random crap?

The “a_friend.zip” file was actually ~19MiB in size, while the extracted “a friend.docx” was only ~24KiB, so it makes more sense that the flag was to be hidden outside the latter. Inspecting the file (using tools like: strings, hd, etc), one could stumble upon the following:
• There was EXIF data containing latitude–longitude coordinates. However, those pointed to Andromeda, so this lead had to be scrapped as well.
• There was an EXIF user comment with a code of some sort: “FM0 FC000000000:zzzzzz1 f144 078043881a29e1e816c14c0 bac 87152…”. Well, whatever.

Upon further inspection, it was then apparent that the EXIF structure was actually part of a PNG image that appeared without compression in the “a_friend.zip” file.

Author: SI

Vault (100 points)

Given some smart contract — the source code and a deployed instance, displayed by the etherscan.io service —, the task was to determine the correct call to the contract that would exfiltrate the 0.1337 ETH (of the Ropsten test network kind) from the contract.

In the constructor, the `pin` variable was initialized with the value of `block.timestamp % 10000`, and then never changed. And there was the fund retrieval function taking a single number argument, which would compare the number against the `pin` variable. The latter just signifies that we were looking for the value of `block.timestamp` at the time of construction.

There were multiple techniques to tackle this problem:

• A hacky approach was to try to call the contract with every possible value from 0 to 9999, and see which worked — after all, this was on Ropsten, a gas giant.
• There are many tools to interact with deployed contracts, including to read values of global variables. The `pin` variable was private, so if a particular tool didn’t permit reading the value directly, it was conceivable to trick the tool into thinking that the contract’s source code / ABI was slightly different: where the `pin` variable wasn’t private.
• The smart solution was to note the date and time when the contract was created (corresponding to when the block, that included the creating transaction, was mined), and convert it to seconds-since-the-Epoch.

Author: SI

Events in May 2021: Blockchain Budapest 4.0 and CCTF

BDAY is organized again in 2021 with great talks, presentations and the CryptoCurrency (is) The Flag hacker game.

This is another chance to meet the best in the largest cryptocurrency and blockchain gathering of Central Europe. Topics are as follows:

  • NFTs and their real values
  • DeFi and its future
  • Largest Hungarian Blockchain projects such as CCTF or ILGON
  • …and the first Satoshi Statue 🙂

Website: https://blockchainbudapest.hu/

The presenters and those who own a VIP ticket will be able to take part in the networking. We hope to see you there!

Crypto Guide for Beginners: Start playing CCTF

With our partners* and sponsors* we are organizing CCTF for the 5th and 6th time in May 2021. Just like at the previous events, we are providing a guide for beginners. This helps you to get started with hacking Ethereum smart contracts.

It is recommended to move step by step. Follow this guide and you will understand the basic logic of cryptocurrencies, blockchain and smart contracts.

*Partners: CryptAll / H.A.C.K. / BSidesBUD / BlockchainBudapest

*Sponsors: HODLbag / CasperLabs / MyCryptoSeed / ILGON

Vol 5. reward for the winners: ~$6000 in crypto (ETH and tokens) and some extra awards for those who are present at the conferences 😎

Vol6. rewards to be announced soon.

CCTF Vol5. registration (event finished): https://vol5.cryptoctf.org/

CCTF Vol5. starts on 18th May, at 9:15 and finishes at 16:00.

CCTF Vol6. registration: https://vol5.cryptoctf.org/register

CCTF Vol6. starts on 27th May, at 8:35 and finishes at 17:00.

Guide intro

Cryptocurrencies such as Bitcoin and Ethereum allow you to handle digital assets on decentralized networks. There is no central authority which can censor or block your account.

Accounts are stored in digital wallets, e.g. an “Ethereum wallet”. If you use the “MetaMask Ethereum wallet”, you have full access to your wallet, meaning only you have the private keys that are needed to make transactions. The only public part of this wallet to share is your Ethereum address. In fact, when you send 1 Ethereum to another person, to her/his address (into her/his wallet), what happens is that you sign a transaction with your private key stating that this 1 Ethereum no longer belongs to you, but to the other address. That’s it. The transaction gets propagated on the Ethereum network and miners verify that transaction.

Here are the screenshots in 3 steps of sending 1 Ethereum to another address:

No central bank or complicated legal processes: you have the power to make transactions anywhere in the world fast and with a few clicks. Also, no one can block it. Follow this guide further and we will create your first Ethereum wallet.

But why Ethereum? Because you can do more with transactions: engage with smart contracts. Imagine coding a program that you upload to a decentralized network, it gets stored there and can be called anytime in the future. Or imagine a business that does not have physical contracts, just virtual ones on the blockchain. All these are secure unless somebody successfully cheats/hacks the network consensus or exploits vulnerabilities in the smart contracts themselves. It may sound complicated at first, but it is not rocket science. Let’s start creating your wallet.

Creating a wallet

Most of the Ethereum hacks (breaking smart contracts, accessing accounts without or with weak authentication, phishing) do not require more than a web browser and a bit of coding skills. For the start, a FireFox or a Chromium/Chrome web browser with the MetaMask addon is enough. You can connect this wallet to the Ethereum test networks and play around.

  1. Open your FireFox or Chromium browser and install the MetaMask extension: https://metamask.io/. Currently, MetaMask is the most commonly used software by end users to interact with Ethereum contracts (these are called “dapps”/“decentralized apps” too).
  2. After installing the extension, it either automatically opens up or you can open it from the top right bar in your browser.
  3. The first step of using MetaMask is to generate your wallet. At this point you are asked to provide a password. Preferably, use a passphrase that is like a sentence, but does not include words from dictionaries (example: “HaxxA11co|ns”). Choose wisely.
  4. Move on and read the phishing warning carefully!
  5. Finally you need to make sure the secret backup words that allow restoring the wallet are secured: of course in a place only you can access and see. For playing you can just use paper, but for real wallets with high balances it is better to write the words on something that can survive even if your house burns down (e.g. MyCryptoSeed).
  6. All is set. Now you have an Ethereum wallet and inside: an Ethereum account.

Changing networks and faucets

MetaMask allows you to change between Ethereum networks. Please change to Ropsten Test Network and remember that the game will be played from there.

Faucets provide free Ethereum for you on the test networks. Now it is time to get some from: https://faucet.ropsten.be/ (if it does not work, you can find other Ropsten faucets online or contact the CCTF organizers).

Congratulations, you are ready: time to get into code and hacking!

Coding and compiling a smart contract

Let’s compile an example smart contract and interact with it. Open https://remix.ethereum.org/ where you get an example contract written in the Solidity language. The Remix website has a built-in compiler and if you click on “Start to compile” it will compile the code. Now you can switch to the “Run” tab. If you have MetaMask running, then you should see “Injected web3” in the environment.

MetaMask injects the so-called web3.js into each website you visit; that way the website can communicate with MetaMask (also think about that: is it a good idea to inject to all sites?).

Deploying a smart contract

Make sure your MetaMask account is unlocked, switched to “Ropsten” and you got a coin from the faucet. Then click on “Deploy”.

MetaMask pops up a transaction which is actually the deployment of the compiled smart contract to the Ropsten Ethereum test network. Now you may wonder what a “gas fee” is. Gas limits the computational effort of the smart contract, meaning you cannot deploy a computationally heavy infinite loop for free. You can only use a smart contract if enough gas is provided. If you are ready, click on “Confirm”.

Wait until the transaction changes from “Pending” state to “Confirmed”. This is indicated in MetaMask. The network needs time to make sure your contract is broadcast and mined successfully. If you click on the transaction, you have a button “View transaction on Etherscan”: click on it and have a look at what happened.

Interacting with the contract functions

By going back to https://remix.ethereum.org/ you can start playing with the “Deployed Contracts”, under the “Run” tab. You can call the deployed smart contract’s functions one by one. Each call you initiate takes a transaction. The executed code runs on all of the Ropsten Ethereum nodes.

Congratulations, you have compiled your first smart contract and interacted with it.

Congratulations!

You have seen the very basics and it is time to think about what else can go wrong… Weak passwords, MetaMask seeds all over the place, programmers making mistakes in smart contracts that you can call, logic, broken crypto problems and so on.

References, to learn more

Bitcoin white paper

Cryptography tutorial

Ethereum white paper

Ethereum beige paper (a readable version of the yellow paper)

History of Ethereum Security Vulnerabilities, Hacks and Their Fixes (2017 Sept.)

Bitcoin and Crypto* events in Dubai

Looking to meet other people who are into crypto*? Want to find the best place to start your blockchain business? Awalcon and the HODLbag project share the best places to get started. Whether you are an enthusiast, already have a project, are looking for investors, or are just a beginner who wants to learn and meet interesting people: this is what you need to know.

EcoX Networking Events

Every Tuesday, you have the chance to meet people from different backgrounds, many of them are into crypto*. Just get there and be brave to start discussions with people you do not know yet!

Find the flyers on Instagram: https://www.instagram.com/ecoxdubai/

Website: https://www.ecox.pro/

Crypto Mondays

Crypto* people in the space! Mostly for beginners, but you can meet some big names there. Last Monday, we had Tone Vays and Gary Sheynkman with us.

For the next meetup, make sure to follow: https://twitter.com/CryptoMondaysSJ

You can also join the cryptoDubai group on Signal where we keep posting about the events. Contact: https://linktr.ee/awalcon

Dubai allows crypto businesses to set up in free zone

Just as the heading says, things are moving on in the free zone.

An economic free zone in Dubai has opened for businesses that are offering, issuing, listing and trading crypto assets. The Dubai Multi Commodities Center (DMCC) signed the initial agreement with the Securities and Commodities Authority (SCA) to allow licensing for firms that deal with crypto assets.

Find more details on this link:

https://www.arabnews.com/node/1828681/business-economy

Guide for CCTF4 Hacktivity

We (Awalcon, H.A.C.K. and QAN) have organized CCTF for the fourth time and decided to provide a beginner guide. This helps you to get started with hacking an Ethereum smart contract. While going through the guide you will understand more about the logic of cryptocurrencies, blockchain and smart contracts. For the crypto only part, please refer to the links at the end of the post.

Guide intro

Cryptocurrencies such as Bitcoin and Ethereum allow you to handle digital assets on decentralized networks. In most cases the assets are simply coins, but here is where Ethereum can provide you more: smart contracts. Imagine coding a program that you broadcast once to a decentralized network, it gets stored on the blockchain and can be called anytime in the future. Or imagine a business that does not have physical contracts, just virtual ones. All these are secure unless somebody successfully cheats the consensus or exploits vulnerabilities in contracts. It may sound complicated at first, but it is not. Let’s see a practical example.

Creating a wallet

Most of the Ethereum hacks (breaking smart contracts, accessing accounts without or with weak authentication, phishing) do not require more than a web browser and a bit of coding skills. For the start, a FireFox or a Chromium/Chrome web browser will be enough to connect to the test network and to use an addon which allows interacting with (maybe) your first live smart contract.

Open your FireFox or Chromium browser and install the MetaMask extension: https://metamask.io/. Currently, MetaMask is the most commonly used software by end users to interact with Ethereum systems. After getting the extension, it either automatically opens up or you can open it from the top right bar in your browser. The first step of using MetaMask is to generate a wallet. At this point you are asked to provide a password. Preferably, use a passphrase that is like a sentence, but does not include words from dictionaries (example: “HaxxA11co|ns”). Choose wisely. Move on and read the phishing warning carefully. Finally you need to make sure the secret backup phrase that allows restoring the wallet is secured somewhere, of course in a place only you can access and see.

All is set, now you have an Ethereum wallet, an account.

Changing networks and faucets

MetaMask allows you to change between Ethereum networks. Please change to Ropsten and note that the game will be played there too.

Faucets provide free Ethereum for you on the test networks. Now it is time to get some from: https://faucet.ropsten.be/ (if it does not work, you can find other Ropsten faucets).

Coding and compiling a smart contract

Let’s compile an example smart contract and interact with it. Open https://remix.ethereum.org/ where you get an example contract written in the Solidity language. The Remix website has a built-in compiler and if you click on “Start to compile” it will compile the code. Now you can switch to the “Run” tab. If you have MetaMask running, then you should see “Injected web3” in the environment.

MetaMask injects the so-called web3.js into each website you visit; that way the website can communicate with MetaMask (also think about that: is it a good idea to inject to all sites?).

Deploying a smart contract

Make sure your MetaMask account is unlocked, switched to “Ropsten” and you got a coin from the faucet. Then click on “Deploy”.

MetaMask pops up a transaction which is actually the deployment of the compiled smart contract to the Ropsten Ethereum test network. Now you may wonder what a “gas fee” is. Gas limits the computational effort of the smart contract, meaning you cannot deploy a computationally heavy infinite loop for free. You can only use a smart contract if enough gas is provided. If you are ready, click on “Confirm”.

Wait until the transaction changes from “Pending” state to “Confirmed”. This is indicated in MetaMask. The network needs time to make sure your contract is broadcast and mined successfully. If you click on the transaction, you have a button “View transaction on Etherscan”: click on it and have a look at what happened.

Interacting with the contract functions

By going back to https://remix.ethereum.org/ you can start playing with the “Deployed Contracts”, under the “Run” tab. You can call the deployed smart contract’s functions one by one. Each call you initiate takes a transaction. The executed code runs on all of the Ropsten Ethereum nodes.

Congratulations, you have compiled your first smart contract and interacted with it.

Congratulations

You have seen the very basics now and it is time to think about what can go wrong… Weak passwords, MetaMask seeds all over the place, programmers making mistakes in smart contracts that you can call, logic, broken crypto problems and so on.

References, to learn more

Bitcoin white paper

Cryptography tutorial

Ethereum white paper

Ethereum beige paper (a readable version of the yellow paper)

History of Ethereum Security Vulnerabilities, Hacks and Their Fixes (2017 Sept.)