New

Hacken is launching a monitoring tool. Get details and join our beta program

More

Smart Contract Vulnerabilities

Smart Contract Vulnerabilities
  • Discover
  • cybersecurity
  • Smart contract audit

8 Jul 2022

In our Education blog, Hacken has already covered the basics of a smart contract security audit, the most common smart contract vulnerabilities, and our smart contract audit methodology. To recap, a smart contract is an automated agreement between parties that is executed when all predefined conditions are met. Smart contracts are the backbone of all transactions. Thus, we should be aware of specific smart contract vulnerabilities that our auditors encounter in real projects and their classification under industry standards.

It is worth noting that the vulnerabilities featured in the list below are recognized as industry standards. They are classified in the Smart Contract Weakness (SWC) registry. The SWC registry is the holy grail of smart contract weaknesses. The registry serves as a foundation for a standardized identification of vulnerabilities in smart contracts. We also provide the link to the Common Weakness Enumeration CWE base where you can learn more about each vulnerability. CWE base is a community-developed list of software and hardware weakness types serving as a baseline for weakness identification.

List of 33 Smart Contract Vulnerabilities

The following is the list of all smart contract vulnerabilities we look for when conducting crypto audits for all networks, including our most popular service – Ethereum smart contract audit.

  1. 1. Access to Critical Private Variable via Public Method
    • unencrypted private data on-chain
  2. 2. Irrelevant Code
    • code with no effects
    • presence of unused variables
  3. 3. Improper Initialization
    • message call with the hardcoded gas amount
    • incorrect constructor name
  4. 4. Authentication Bypass by Capture-replay
    • hash collisions with multiple variable length arguments
  5. 5. Improper Locking
    • unexpected Ether balance
  6. 6. User Interface Misrepresentation of Critical Information
    • right-to-left-override control character
  7. 7. Use of Incorrect Operator
    • typographical error
  8. 8. Uncontrolled Resource Consumption
    • DoS with block gas limit
  9. 9. Use of Low-Level Functionality
    • arbitrary jump with function type variable
  10. 10. Insufficient Control Flow Management
    • insufficient gas griefing
  11. 11. Incorrect Behavior Order
    • incorrect inheritance order
  12. 12. Write-what-where Condition
    • write to the arbitrary storage location
  13. 13. Improper Following of Specification by Caller
    • requirement violation
  14. 14. Insufficient Verification of Data Authenticity
    • Lack of proper signature verification
  15. 15. Improper Verification of Cryptographic Signature
    • missing protection against signature replay attacks
  16. 16. Use of Insufficiently Random Values
    • weak sources of randomness from chain attributes
  17. 17. Improper Adherence to Coding Standards
    • shadowing state variables
    • state variable default visibility
  18. 18. Improper Initialization
    • signature malleability
  19. 19. Inclusion of Functionality from Untrusted Control Sphere
    • Block values as a proxy for time
  20. 20. Use of Obsolete Function
    • Authorization through tx.origin
  21. 21. Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’)
    • Transaction Order Dependence
  22. 22. Improper Check or Handling of Exceptional Conditions
    • DoS with Failed Call
  23. 23. Inclusion of Functionality from Untrusted Control Sphere
    • Delegatecall to Untrusted Callee
  24. 24. Use of Obsolete Function
    • Use of Deprecated Solidity Functions
  25. 25. Always-Incorrect Control Flow Implementation
    • Assert Violation
  26. 26. Access of Uninitialized Pointer
    • Uninitialized Storage Pointer
  27. 27. Improper Enforcement of Behavioral Workflow
    • Reentrancy
  28. 28. Improper Access Control
    • Unprotected SELF DESTRUCT Instruction
    • Unprotected Ether Withdrawal
  29. 29. Unchecked Return Value
    • Unchecked Call Return Value
  30. 30. Improper Control of a Resource Through its Lifetime
    • Floating Pragma
  31. 31. Using Components with Known Vulnerabilities
    • Outdated Compiler Version
  32. 32. Incorrect Calculation
    • Integer Overflow and Underflow
  33. 33. Improper Adherence to Coding Standards
    • Function Default Visibility

It is understandable that some vulnerabilities are more prevalent than others. In practice, it may be difficult to categorize a particular vulnerability under one category in the SWC registry. To that end, we want to share with you the most common smart contract vulnerabilities that Hacken auditors deal with. These include arithmetic over/underflows, default visibilities, entropy illusions, race conditions/front running, DoS, re-entrancy, constructions with care, and tx.origin authentication. In our smart contract audit reports, we also often recognize function calls with an incorrect argument, deserialization of untrusted data, numeric errors, improper initialization, improper input validation, privilege escalation, and improper synchronization.

This is a comprehensive and classified list of all possible smart contract vulnerabilities. If these weaknesses do not tell you anything, they may be too difficult for a general reader to comprehend. No worries, though. Our brilliant auditors know everything about each vulnerability and how to find them.

Conclusion

In this article, we wanted to emphasize that smart contract audits are difficult. Many companies offer smart contract services, but only a few can produce audits of exceptional quality. Delivering an effective and protective smart contract audit requires special knowledge and experience. At Hacken, we prioritize learning and excellence. That’s why our security experts always follow best practices and focus on industry standards when it comes to smart contract vulnerability identification.

share via social

Subscribe to our research

Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email


    Interested in getting to know whether your systems are vulnerable to cyberattacks?

    Tell us about your project

    • This field is required
    • This field is required
      • whatsapp icon WhatsApp
      • telegram icon Telegram
      • wechat icon WeChat
      • signal icon Signal
    • This field is required
    • This field is required
    • This field is required
    • This field is required
    This field is required
    departure icon

    Thank you for your request

    Get security score on

    • certified logo
    • coingeco logo
    • coin market cap logo

    1,070+ projects audited

    companies logos

    Apply for partnership

    • This field is required
    • This field is required
    • This field is required
    • This field is required
      • Foundation
      • VC
      • Angel investments
      • IDO or IEO platform
      • Protocol
      • Blockchain
      • Legal
      • Insurance
      • Development
      • Marketing
      • Influencer
      • Other
    This field is required
    This field is required
    departure icon

    Thank you for your request

    Get security score on

    • certified logo
    • coingeco logo
    • coin market cap logo

    1,070+ projects audited

    companies logos

    Get in touch

    • This field is required
    • This field is required
    • This field is required
    • This field is required
    This field is required
    By submitting this form you agree to the Privacy Policy and information beeing used to contact you
    departure icon

    Thank you for your request

    Get security score on

    • certified logo
    • coingeco logo
    • coin market cap logo