Skip to content

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

License

Notifications You must be signed in to change notification settings

sec-bit/awesome-buggy-erc20-tokens

Repository files navigation

Awesome Buggy ERC20 Tokens

Join the chat at https://gitter.im/sec-bit/Lobby Awesome PRs Welcome

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Read the docs in Chinese: https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/README_CN.md

Disclaimers

  • This repo is aimed to notify the community of development security by collecting reported smart contract issues
  • This repo collects all info from public resources and part of analysis is generated by script along with manual checking
  • This repo might not be perfectly accurate, please contact us or submit a pull request when you find something wrong
  • This repo contains no unreported issue
  • This repo might have duplicate names with popular projects, please do not over-decipher this
  • This repo includes some Token contracts without vulnerabilities, while they fail to satisfy specifications
  • This repo has a few problematic Token contracts that have already been fixed properly

Navigation

Recent Updates

Problems in ERC20 Token Contracts

ERC20 standard is one of the most popular Ethereum token standards [1]. As of June 26th, 2018, more than 95,000 ERC20 token smart contracts have been deployed according to statistics from Etherscan. Here is a daily trend chart of ERC20 contracts created according to our statistics:

ERC20 Contracts Created on main Ethereum network every day

Security Incidents in Smart Contracts

ERC20 Token specification has gone through challenges and improvements during its growth. Lots of critical security issues have been revealed, some of which have led to severe financial losses [2-11] for developers, investors, even Ethereum community as well.

On June 18th, 2016, the DAO hack caused a total loss of over 3,600,000 ethers(ETH) worth over a billion dollars, and the Ethereum hard-fork afterwards led to the Ethereum community breaking apart [2].

On April 22th, 2018, the attack on BeautyChain(BEC) contract hardly decreased the token price to zero via pouring astronomical tokens to exchanges through an integer overflow [3]. There are 10 other contracts at least containing this problem.

On April 25th, 2018, a similar integer overflow got uncovered in SMT. Hackers minted and dumped a tremendous amount of tokens, resulting in SMT's collapse [4]. There is one other contract at least containing this problem.

On May 20th, 2018, a critical logical flaw was found in EDU along with other three Token contracts (CVE-2018–11397, CVE-2018–11398), causing that users' balances could be transferred out randomly [5]. After further analysis, we caught this bug in at least 81 contracts [6].

On June 12, 2018, a series of overflow bug in ERC20 smart contracts got uncovered (CVE-2018-11687, CVE-2018-11809, CVE-2018-11810, CVE-2018-11811, CVE-2018-11812) [7]. We have revealed more than 800 contracts with the same problem after scanning over 20,000 contracts deployed on Etherscan [8].

Failure of Satisfying Specification in Many ERC20 contracts

Lots of ERC20 token contracts do not follow the ERC20 standard strictly, which is troublesome to developers of DApps on ERC20 tokens [12-14].

Thousands of deployed Token contracts referred to incorrect example code on Ethereum official website and OpenZeppelin, resulting in several functions failing to meet ERC20 standard. After upgrading Solidity compiler to 0.4.22, incompatibilities would arise and these contracts could not perform normal transactions on decentralized exchanges (DEX) or DApp in most cases [12], whereas a majority of DApp developing teams were off guard and unaware of such a problem.

Several Token contracts added redundant checks in standard approve(), requiring that the approved _amount smaller or equal to the current balance. However, it makes DEX employing protocols like 0x hard to finish approve() in advance, asking the Token developing team transfer a huge amount of tokens to the exchange's intermediate account ahead which violates the target of employing ERC20 standard and brings about inconvenience.

Since it is defined optional to set common querying interfaces like name(), symbol() and decimals() in ERC20 specification [1], many Token contracts left them out or named them differently, such as NAME(), SYMBOL() and DECIMALS(), making it harder for DEX and DApp developing.

Another point worth mentioning is that two events - Transfer and Approval should get fired under certain circumstances described by ERC20 specification [1]. In fact, many Token contracts left out Approval event referring to Ethereum official website [14]. This omission causes great difficulty for developers listening to relevant events, undermining the development of DApp ecosystem.

One Solution: Collecting Buggy Token Contracts

Statistical summaries from security organizations and experts indicate that critical vulnerabilities are hiding in smart contracts, taking the 'TOP 10 in 2018' by NCC group [15] as an example:

  • Reentrancy
  • Access Control
  • Integer Overflow
  • Unchecked Return Values For Low Level Calls
  • Denial of Service
  • Bad Randomness
  • Front-Running
  • Time manipulation
  • Short Address Attack
  • Unknown Unknowns

This might be just the tip of an iceberg. Recent research together with the aforementioned point of view state clearly that the scale of problems in smart contracts deployed on Ethereum may go beyond our imagination.

We made a collection of past bugs and vulnerabilities, including:

  1. vulnerabilities in Token contracts
  2. incompatibilities due to inconsistency with ERC20
  3. excessive authorities of Token administrators [16]

Why This Repo?

There are many projects in Ethereum community contributing to the ecosystem of smart contracts, such as 'A guide to smart contract security best practices' [17] maintained by Consensys and 'OpenZeppelin, a framework to build secure smart contracts on Ethereum' [18] developed by OpenZeppelin.

Also, we found the fact that a majority of issues in buggy Token contracts come from referring, copying and modifying others' code without caution. Also, using incorrect sample code is an origin of bugs. It is difficult for beginners and developers of smart contracts to determine whether a contract snippet from main net contains bugs and identify these issues in seconds.

We would maintain this collection to:

  • provide a reference and learning materials of common bugs in ERC20 token contracts
  • help ERC20 token contract developers to develop correct and secure contracts
  • notice DApp developers of incompatible/buggy/vulnerable ERC20 token contracts
  • warn exchanges and investors of potential risks in incompatible/buggy/insecure ERC20 tokens

What We Collect?

  • Descriptions of common vulnerabilities
  • List of deployed buggy token contracts
  • List of nonstandard token contracts

Repo Structure

awesome-buggy-erc20-tokens
├── token_dict.json
├── token_detail_dict.json
├── ERC20_token_issue_list_CN.md
├── issues.json
├── bad_tokens.all.csv
├── bad_tokens.all.json
├── bad_tokens.top.csv
├── bad_tokens.top.json
├── raw/
├── csv/
├── json/
├── gen_token_detail_dict.py
└── gen_list_from_raw.py

As shown below, lists in CSV and JSON help developers to browse and search for addresses of given contracts with reported vulnerabilities.

addr,category,name,symbol,exchanges,totalSupply,decimals,info
0x014B50466590340D41307Cc54DCee990c8D58aa8,[B6],ICOS,ICOS,@HitBTC@Tidex,560417,6,_
0x093e5C256Ff8B32c7F1377f4C20e331674C77F00,[A2],Dignity,DIG,@Livecoin,3000000000,8,_
{
    "0x014B50466590340D41307Cc54DCee990c8D58aa8": {
        "decimals": 6,
        "exchanges": [
            "HitBTC",
            "Tidex"
        ],
        "info": "_",
        "issues": {
            "no-symbol": true
        },
        "name": "ICOS",
        "rank": 316,
        "symbol": "ICOS",
        "totalSupply": 560417
    },
    "0x093e5C256Ff8B32c7F1377f4C20e331674C77F00": {
        "decimals": 8,
        "exchanges": [
            "Livecoin"
        ],
        "info": "_",
        "issues": {
            "totalsupply-overflow": true
        },
        "name": "Dignity",
        "rank": 613,
        "symbol": "DIG",
        "totalSupply": 3000000000
    }
}

How to Contribute

We hope this collection can contribute to the Ethereum ecosystem by maintaining and updating in a long period and definitely welcome contributions to this collection.

For now we only maintain detailed information of token contracts (totalSupply, decimals, exchanges) that have market caps on CoinMarketCap. If you find any other incompatible/buggy/vulnerable ERC20 token contracts, please update token_dict.json and run script gen_token_detail_dict.py.

If you find other bugs not listed in this collection, please update in the following process.

  • Add the name and description of the bug with reference to ERC20_token_issue_list.md
  • Create a new file with the bug name in raw directory and fill in the address of affected contracts
  • Add the name and index of the new bug to issues.json
  • Run python3 gen_list_from_raw.py -i raw/* -o bad_tokens in the repo root
  • Check the update and send us a pull request

If you have any questions or ideas, please join our discussion on Gitter.

TODO

  • Add more 'Excessive Authorities' issues:
    • Minting tokens
    • Setting trading price
    • Manipulate other accounts

Technical Partnership

References

License

CC0