Ethereum: re-entry into ERC20 token transfer

Ethereum Replay Attack: Understanding Risk and Mitigation

The Ethereum blockchain, built on a decentralized consensus system, has made tremendous progress in recent years, enabling seamless interoperability between smart contracts. One of the key features that makes Ethereum so appealing is its support for token transfers, which allows users to send and receive ether (ETH) from other accounts. However, this feature also poses a significant security risk: replay attacks.

Replay attacks

A replay attack occurs when an attacker exploits a vulnerability in the execution flow of a smart contract, allowing the same function to be called repeatedly and consuming the contract’s funds indefinitely. In the case of ERC20 token transfers, the problem arises because these operations do not use any external functions or contracts, making it difficult for the blockchain to detect and prevent replay attacks.

Vulnerability

ERC20 tokens are designed to be used as decentralized digital assets, and their value is pegged to the price of Ether. However, this token-based design also creates the opportunity for recursion attacks. When an attacker transfers ETH from one account to another using ERC20 tokens, they can repeatedly call the same transfer function in external contracts, draining the funds without anyone noticing.

Problem

To understand why updating state after an external contract call is a problem, let’s dive into how recursion attacks work. Let’s say we have two smart contracts:

• “transfer” (in a normal, secure context)

• “reentrancer” (an external function that repeatedly calls “transfer”)

When an attacker transfers ETH from account A to account B using the “transfer” function in one of these contracts, he can repeatedly call “reentrancer”, draining the funds without anyone noticing.

Mitigation

Fortunately, there are ways to mitigate this risk. Here are some possible solutions:

• Use secure interaction with the contract: Instead of calling an external function directly from the smart contract, use a more secure method, such as Web3.js or Truffle’s built-in support for secure interaction with contracts. These libraries provide mechanisms to safely call external functions and operations.

• Implement re-entry detection

  : Create a mechanism to detect and prevent re-entry attacks in contracts. This can be done using methods such as transaction verification, auditing, or even a “double-re-entry protected” approach where the attacker has to re-call the token multiple times before triggering the attack.

• Use “secure” token transfer: Introduce the concept of “secure” token transfer, which prevents repeated calls to the “transfer” function from consuming funds indefinitely. Instead, use a mechanism such as transaction locking or “token transfer cooldown” that limits the number of successful transfers before requiring the attacker to wait a certain period of time.

• Implement a “re-entry” wallet: Create a wallet that detects and prevents re-entry attacks in real time. This can be done using the Web3.js Web3 instance, which provides methods such as callTransaction or checkReentrancy.

Conclusion

Ethereum’s support for ERC20 token transfers poses a significant security risk due to the lack of secure contract interactions and external function calls. While there are potential solutions to mitigate this risk, it is critical to understand how reentrancy attacks work and implement strategies such as secure contract interactions, reentrancy detection, or “secure” token transfer mechanisms. By doing so, we can ensure that our blockchain remains secure for both users and developers.

Recommendations

• Explore and implement secure contract interactions using Web3.js or the built-in Truffle support.