Crypto Exchanges Pause Services Over Contract Bugs

A pair of recently published bugs allow an attacker to create an inordinate number of ERC-20 tokens

Apr 25, 2018 at 3:51 p.m. UTC
Updated Dec 10, 2022 at 1:37 p.m. UTC

As many as a dozen or more ethereum-based ERC-20 smart contracts have been found to contain bugs that let attackers create as many tokens as they want.

While the bugs – first identified on April 22 (https://peckshield.com/2018/04/22/batchOverflow/) and April 24 (https://peckshield.com/2018/04/25/proxyOverflow/), respectively, in a pair of posts published by blockchain security firm PeckShield – aren't tied to the ERC-20 standard itself, the issues prompted a number of exchanges to suspend ERC-20 tokens while they investigate. Those exchanges included OKEx, Poloniex, Changelly, Quoine and HitBTC.

separately announced on April 25 that it had suspended all coins, but has since limited that to ERC-20-based tokens. As of press time, Poloniex has moved to reinstate services for ERC-20 tokens.

In one example, an attacker transferred a whopping 57.9 * 10^57 BeautyChain Tokens – as shown by transaction data on Etherscan – on April 22, a development that prompted the initial investigation into the issue.

"Our study shows that such transfer comes from an 'in-the-wild' attack that exploits a previously unknown vulnerability in the contract. For elaboration, we call this particular vulnerability batchOverflow," PeckShield's post on the 22nd explained. "We point out that batchOverflow is essentially a classic integer overflow issue."

Countless coins

The batchOverflow post outlines how the batchTransfer function in a contract caps the number of tokens that can be sent in a single transaction and requires the value being transferred to be less than the total number of tokens ever generated. However, the "_value" parameter – one of the two inputs that determine the total number of tokens moved – can be manipulated so that the computed total changes, resulting in an attacker being able to create as many tokens as they'd like.

Further, the attacker can bypass the barriers in the contract which would normally ensure that a reasonable number of tokens are being transferred.

"With amount zeroed, an attacker can then pass the sanity checks in lines 258–259 and make the subtraction in line 261 irrelevant," the post explained, noting:

"Finally, here comes the interesting part: as shown in lines 262–265, the balance of the two receivers would be added by the extremely large _value without costing a dime in the attacker's pocket!"
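To make the mechanism concrete, here is an added Python model (not PeckShield's or any project's code) of the batchTransfer pattern the post describes, with Solidity-style unchecked uint256 arithmetic beside a checked multiply; the contract layout, the sanity checks, the balances and the two-receiver scenario are all constructed assumptions, and the line numbers in the comments refer to the post's listing.

```python
# Added example: a toy model of the batchTransfer overflow and its fix.
# Everything here is constructed for illustration; it is not the real contract.
UINT256_MAX = (1 << 256) - 1


class OverflowReverted(Exception):
    """Stands in for a Solidity revert from a checked (SafeMath-style) multiply."""


class BatchTransferToken:
    def __init__(self, balances, safe_math=False):
        self.balances = dict(balances)   # address -> uint256 balance
        self.safe_math = safe_math       # False reproduces the unchecked pattern

    @staticmethod
    def _mul(a, b, checked):
        product = a * b
        if checked and product > UINT256_MAX:
            raise OverflowReverted("cnt * _value overflows uint256")
        return product & UINT256_MAX     # unchecked path wraps modulo 2**256

    def batch_transfer(self, sender, receivers, value):
        cnt = len(receivers)
        # Total to debit from the sender; this is the product that can wrap.
        amount = self._mul(cnt, value, self.safe_math)
        # Assumed sanity checks in the spirit of the post's lines 258-259: they
        # only see the (possibly wrapped) total, not the per-receiver value.
        if not (cnt > 0 and value > 0):
            raise ValueError("bad arguments")
        if self.balances.get(sender, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[sender] -= amount          # line 261: subtracts 0 if wrapped
        for r in receivers:                      # lines 262-265: credit each receiver
            self.balances[r] = (self.balances.get(r, 0) + value) & UINT256_MAX
        return amount


def demo(safe_math):
    """Sender holds 100 tokens and two receivers are credited 2**255 each."""
    token = BatchTransferToken({"sender": 100}, safe_math=safe_math)
    try:
        token.batch_transfer("sender", ["r1", "r2"], 1 << 255)
    except OverflowReverted:
        return "reverted", token.balances
    return "accepted", token.balances
```

With `safe_math=False` the product 2 * 2**255 wraps to zero, every check passes and the receivers are credited while the sender's balance is untouched; with `safe_math=True` the same call reverts before any balance changes, which is the property a defender wants to see in audits of batch-transfer style functions.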

While initial reports indicated all ERC-20 tokens may be impacted, the "batchTransfer" function is not part of the token standard.

The Medium post did not list the vulnerable projects, though it did note that BeautyChain was the first affected project it discovered. In a sign of the seriousness of that bug, OKEx said on April 24 that it was rolling back trades on the BeautyChain Token.

The exchange also announced around that time that, in light of the bugs, it was suspending deposits, withdrawals and trading for a project called SmartMesh due to "abnormal trading activities." PeckShield noted that this was possibly due to the proxyOverflow bug, which, like batchOverflow, is a classic integer overflow problem: certain variables can be manipulated to spontaneously generate large amounts of tokens.

One Twitter user noted that an attacker created $5 octodecillion in SmartMesh tokens.

As one of the posts noted, the danger exists that someone can use a vulnerable cryptocurrency to manipulate prices in their favor by trading with bitcoin, ether or another trading pair.

Representatives for the BeautyChain and SmartMesh projects did not immediately respond to requests for comment. However, a statement on BeautyChain's website acknowledges the bug and states that trading will resume at an undetermined point in the future.

Similarly, SmartMesh announced that it would take steps to prevent price manipulation, saying:

"The SmartMesh Foundation will take the equivalent amount of SMT to the counterfeit amount and destroy it to make up for the losses caused, and keep the total supply of SMT at the value of 3,141,592,653."

Fabian Vogelsteller, the developer who first proposed the ERC-20 standard, told CoinDesk that the bugs "just show that we need better best practices and tools to detect those mistakes."

Note: This article has been updated with a developer comment and to clarify PeckShield's role in discovering the bugs.

