Talking about DoS attacks on Ethereum

2025-04-14 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 06/01

Preface

Ethereum has had a lot of trouble recently. A number of games have been attacked by hackers one after another. The first to bear the brunt are, of course, the recently popular Fomo3D-like games, for example the attack on Last Winner. Although the attack method had been disclosed a month earlier, Last Winner is not open source and does not seem to have taken any security measures, and the hackers' tactics had also been upgraded. As a result, a large amount of ETH was taken by hackers through the airdrop. That is not today's focus, though; see the related analysis for that part.

The other big news is, of course, the end of the first round of Fomo3D. The winner took a prize of up to 10,000 ETH. The hacker behind it congested the Ethereum network so that Fomo3D-related transactions could not be packaged into blocks, and so, as the last buyer, pocketed the huge prize. The attack can be said to have been completed by means of a DDoS of the Ethereum network. Here we briefly discuss DDoS on Ethereum.

DDoS against the Ethereum network

Interestingly, Ethereum was designed from the start to resist DDoS: part of the purpose of the gas mechanism is to prevent DDoS by raising its cost. However, as Ethereum has developed, more and more problems have been exposed.

DDoS caused by junk transactions

This problem was raised almost two years ago, and it centers on the opcode EXTCODESIZE. Anyone familiar with smart contracts knows that this opcode reads the size of a contract's code, so it involves a disk operation, yet it requires very little gas. A malicious attacker could therefore call this opcode many times in a transaction, as long as the gas of these operations did not add up to more than the block gas limit. Thanks to the opcode's minimal gas cost, the attack transactions at the time called it nearly 50,000 times in each block, so the time needed to compute the transactions in a block was greatly extended and the entire Ethereum network was paralyzed. The official Ethereum blog has the corresponding explanation and response.

Here we have to mention Ethereum's characteristic gas mechanism. Opinions currently differ about it. I will not comment much and will focus on the points that matter here.

Every transaction we send carries a gas fee, and when sending it we set two gas options: gas price and gas limit. Gas price is the unit price we are willing to pay for each unit of gas, while gas limit is the maximum amount of gas the transaction may use, that is, the amount of gas we send with it. When a node packages the transaction, it calculates the gas consumed by the operations in the transaction, the gas used. Gas used × gas price is the tx fee we actually pay, and the remaining gas is returned to our account. If the gas limit is not enough for the operations, the transaction fails and its operations are rolled back, but the transaction is still packaged into the block, and the gas already spent is, of course, not returned.

So when a transaction we send fails, the gas limit may have been set a little too low. You might think that simply setting a very high gas limit solves this, but that may not win the miners' favor, because of another Ethereum feature, the block gas limit. Unlike Bitcoin, which limits the size of a block directly, Ethereum limits a block by the gas used by the transactions in it, and that limit is the block gas limit. Miners must ensure that the total gas of all transactions packaged into a block is less than the block gas limit, so the number of transactions a block can hold is limited. The gas limit of an ordinary transaction is about 21,000, which is also the default gas value in many clients. When a transaction has a particularly large gas limit, miners may not prioritize it: after packaging, its actual gas used may turn out to be small and most of the gas is returned, so packaging several transactions with smaller gas limits may earn more. A higher gas limit can therefore make your transaction slower to be packaged. If you really want the transaction packaged sooner, the value to raise is the gas price, so that the miner's tx fee is higher and the transaction gets priority accordingly.

Back to the junk-transaction DDoS attack: the official mitigation was in fact related to the block gas limit. On the one hand, the gas required by the corresponding opcode was increased; on the other, the block gas limit was reduced.

We can look at how the block gas limit changed at the time.

Originally the block gas limit was about 4.7 million. It was lowered to about 1.5 million to mitigate the attack, and then adjusted to 2 million. The purpose is easy to understand: reduce the number of transactions in each block and avoid a block being stuck for dozens of seconds while its transactions are computed, although this treats only the symptoms. It also bought time for fixing the flaw in Ethereum. The block gas limit has its own dynamic adjustment mechanism and fluctuates according to the gas used of the previous block, but that mechanism could not cope with this situation. Later, after Ethereum hard-forked to fix the flaw, the block gas limit began to grow again, up to the current 8 million. Too high a limit would still hurt performance, because each block would hold more transactions, and the current 8 million gas limit has been stable for a long time.

Although this DDoS method has been fixed, it is still worth mentioning.

DDoS caused by transaction surges

Strictly speaking this may not be a DDoS attack; it is comparable to Taobao being overwhelmed on Singles' Day. But it does congest Ethereum, and it has become more and more frequent over the past year.

Let's look at the changes in gas price over the past year.

The average gas price reflects, to a certain extent, how congested Ethereum is: when too many transactions are waiting, you must raise the gas price if you want miners to prefer your transaction, otherwise it may sit in the transaction pool indefinitely. This is why the gas price soars when Ethereum is congested.

From the chart we can roughly see several peaks. The first is the period from the end of 2017 to the beginning of 2018. You may remember that this was when CryptoKitties was popular. It famously congested the entire Ethereum network: countless transactions sat in the transaction pool unable to be packaged, and the gas price soared. Everyone was grabbing cats in the game. In less than two weeks after launch, 70,000 were traded and the transaction volume reached more than 70 million, which shows the power of capital. It was probably the first time such a popular game had appeared on Ethereum. At the time it was the closest thing to a killer app, and it was of great significance.

The next obvious rise came from the FCoin exchange, which took off not long ago, in July. Its unusual ranking model ranked tokens by one account, one vote, which led project teams to frantically open accounts and vote. This produced a huge number of transactions and directly congested the entire Ethereum network, and it was condemned by many parties. Such behavior achieves nothing beyond expanding the exchange's influence and keeps the gas price high, yet there is no way to resist this kind of abuse. The incident once again sounded the alarm about Ethereum's performance: it is very easy to cause large-scale congestion, given that the network's throughput is about 8 million gas every 15 seconds, plus the limits of computing performance. Vitalik Buterin is constantly looking for solutions, and the sharding technology he envisions is also meant to improve Ethereum's performance and reduce congestion, but at the expense of some decentralization, which is somewhat similar to EOS.

Finally, the most recent peak comes from the Fomo3D-like games that are still popular, mainly Last Winner, which affected and even congested the network. At the start, its team also prepared a large amount of ETH for wash trading, forcibly inflating the transaction volume to attract users to put money in. Its transaction figures even reached nearly 100 million yuan in three days, which was hard to believe in the market environment at the time. It also congested the Ethereum network for a while, and there are many doubts about the game. Judging from its marketing strategy, it was aimed at Chinese users. We can only say that such games should be treated with more caution.

The real-time gas price can be observed here, and its recent changes can also be analyzed here.

DDoS caused by high-gas transactions

This type of DDoS is the attack method used by the hacker who won Fomo3D, which was revealed a few days ago. The hacker used this technique to congest the Ethereum network for nearly three minutes, so that all transactions related to Fomo3D could not be packaged into blocks. As the last buyer, he became the final winner and received the huge prize.

This involves the block gas limit mentioned earlier. At present the gas limit of each block is about 8 million. The attacker needs to make their own transactions exhaust the block gas limit, so that as far as possible only their transactions are in the block. Priority is obtained by raising the gas price, while consuming the gas involves another operation: assert.

Anyone familiar with smart contracts knows that assert, like require, can be used to handle errors. The difference is that require is triggered through the 0xfd opcode, which is equivalent to calling revert: it rolls back the contract state and returns the remaining unconsumed gas. assert is much harsher: once triggered, it does not return the remaining unconsumed gas, which all goes to the miners. You may wonder why anyone would still use assert. It mainly depends on the scenario. A triggered require still represents a normal contract state, because it generally checks user input or execution conditions, while a triggered assert generally means something is wrong with the code. You can treat this as a convention, and code that follows it can be checked more easily with analysis tools. For a more detailed comparison of the two, refer to the material here.

We can look at the effect of this behavior with a simple test.

Deploy a simple test contract:

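    contract C {
        // require(false) executes REVERT (0xfd): unused gas is returned
        function requires() public {
            require(false);
        }

        // assert(false) does not return the remaining gas
        function asserts() public {
            assert(false);
        }
    }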

We deploy it to the Ropsten test chain, whose block gas limit is about 4.7 million, and set the gas limit when sending each transaction. For the transaction that calls asserts, we set the gas limit to 4.65 million; for the transaction that calls requires, we use 3 million. Then let's see the result.

Clearly, the transaction that calls asserts consumes the entire gas limit we set, while requires uses only the gas it needs. Let's look at the block containing the asserts transaction.

Sure enough, only two transactions were packaged in this block. Now let's look at the block containing requires.

More than a hundred transactions were packaged in this block, so we did at least fill the block containing the asserts transaction. But a single huge gas limit does not block very well. If you try it, you will notice that this transaction took a while to be packaged, much longer than the require transaction, even though the gas price I set was already very high. The reason was mentioned earlier: miners do not favor a single transaction with a very high gas limit. A better approach is to split it into several parts, and the hacker who attacked Fomo3D knew this: his attack transactions mostly had gas limits of about two or three million.

This is one of the blocks produced during the hacker's attack. It contains only 10 transactions, while the next, normal block contains hundreds. The three failed transactions shown were issued by the hacker, and all have the same target, the attack contract the hacker deployed. Their purpose is to use assert to consume gas.

Let's look at how much gas each of these transactions consumed.

Interestingly, they are 200,000, 3.3 million and 4.2 million, which add up to 7.7 million, the vast majority of the gas used in the whole block. The hacker kept adjusting the gas usage throughout the attack and had many failures before, but still succeeded in the last three minutes, probably with a bit of luck. The whole adjustment process is worth in-depth study. For a detailed interpretation of the attack, see the analysis here.
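The block pattern described above (a few failed transactions to one address that burn their whole gas limit and take most of the block) can be checked for mechanically. The following Python code is an added example, not part of the original article: the block records, field names and placeholder addresses are constructed, and it assumes, as the article describes, that a failed assert consumes the transaction's entire gas limit.

```python
from collections import defaultdict

BLOCK_GAS_LIMIT = 8_000_000  # approximate block gas limit quoted in the article


def stuffing_report(block, share_threshold=0.8):
    """Return (suspicious, target, share_of_block_gas_limit) for one block."""
    burned = defaultdict(int)
    for tx in block["transactions"]:
        # Failed with gas_used == gas_limit: no refund (assert or out-of-gas).
        if tx["status"] == "failed" and tx["gas_used"] == tx["gas_limit"]:
            burned[tx["to"]] += tx["gas_used"]
    if not burned:
        return (False, None, 0.0)
    target, gas = max(burned.items(), key=lambda kv: kv[1])
    share = round(gas / block["gas_limit"], 4)
    return (share >= share_threshold, target, share)


def stuffed_runs(blocks, min_len=2):
    """Group consecutive suspicious blocks aimed at the same address."""
    runs, current = [], []
    for block in blocks:
        hit, target, _ = stuffing_report(block)
        if hit and current and current[-1][1] == target:
            current.append((block["number"], target))
            continue
        if len(current) >= min_len:
            runs.append((current[0][1], [n for n, _ in current]))
        current = [(block["number"], target)] if hit else []
    if len(current) >= min_len:
        runs.append((current[0][1], [n for n, _ in current]))
    return runs


def make_tx(to, gas_limit, gas_used, status="ok"):
    return {"to": to, "gas_limit": gas_limit, "gas_used": gas_used, "status": status}


# Constructed sample data with placeholder addresses. Blocks 101 and 102 reuse
# the 200,000 / 3.3 million / 4.2 million gas figures from the article.
SINK = "0xSINK_PLACEHOLDER"
BURNERS = [make_tx(SINK, g, g, "failed") for g in (200_000, 3_300_000, 4_200_000)]
TRANSFERS = [make_tx("0xUSER_PLACEHOLDER", 21_000, 21_000) for _ in range(7)]
REFUNDED = make_tx("0xGAME_PLACEHOLDER", 300_000, 25_000, "failed")  # require-style
SAMPLE_BLOCKS = [
    {"number": 100, "gas_limit": BLOCK_GAS_LIMIT, "transactions": TRANSFERS * 20 + [REFUNDED]},
    {"number": 101, "gas_limit": BLOCK_GAS_LIMIT, "transactions": BURNERS + TRANSFERS},
    {"number": 102, "gas_limit": BLOCK_GAS_LIMIT, "transactions": BURNERS + TRANSFERS},
]

if __name__ == "__main__":
    print([stuffing_report(b) for b in SAMPLE_BLOCKS])
    print(stuffed_runs(SAMPLE_BLOCKS))
```

A contract whose payout depends on a countdown can use the same signal off-chain to notice that its own transactions are being crowded out of consecutive blocks.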

After this attack method succeeded, many hacker groups also began attacking Fomo3D-like games, and there have already been many successful examples. Not long ago the second round of Last Winner also came to an end. Whether this marks a new chapter for this kind of game is hard to say.

DoS against smart contracts

What I want to discuss here is not a DDoS attack. For this part, I think what is really exploitable is the block gas limit: a block is limited to 8 million gas, and if the gas required by a call to some operation of a contract can be made to exceed that 8 million limit, the contract naturally becomes unusable.

For example, the main part of the contract below:

    contract DistributeTokens {
        address public owner; // gets set somewhere
        address[] investors; // array of investors
        uint[] investorTokens; // the amount of tokens each investor gets

        // transferToken(to, amount) is assumed to be defined elsewhere in the contract

        function invest() public payable {
            investors.push(msg.sender);
            investorTokens.push(msg.value * 5);
        }

        function distribute() public {
            require(msg.sender == owner);
            // Unbounded loop: the gas cost grows with investors.length
            for (uint i = 0; i < investors.length; i++) {
                transferToken(investors[i], investorTokens[i]);
            }
        }
    }

By creating a large number of investors, an attacker can make the gas required by the final call to the distribute function exceed the block gas limit, rendering the contract unusable. This is only one way of preventing a smart contract from providing service; other methods can be found here.
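To see why an unbounded loop is the defect and what a bounded design changes, the following Python model compares the contract above with a batched variant that pays a limited number of investors per call. It is an added example, not code from the original article: the per-iteration gas cost is an assumed illustrative figure, and the class and function names are hypothetical.

```python
BLOCK_GAS_LIMIT = 8_000_000  # block gas limit quoted in the article
BASE_TX_GAS = 21_000         # intrinsic cost of sending any transaction
GAS_PER_TRANSFER = 30_000    # ASSUMED cost of one loop iteration (illustrative)


class OutOfGas(Exception):
    """The call needs more gas than one block can supply; its changes revert."""


class PushDistributor:
    """Model of the article's contract: one call has to pay every investor."""
    def __init__(self):
        self.investors, self.paid, self.cursor = [], set(), 0

    def invest(self, who):
        self.investors.append(who)

    def _pay(self, batch):
        gas, paid_now = BASE_TX_GAS, []
        for who in batch:
            gas += GAS_PER_TRANSFER
            if gas > BLOCK_GAS_LIMIT:
                raise OutOfGas(gas)  # revert: paid_now is discarded
            paid_now.append(who)
        self.paid.update(paid_now)
        return gas

    def distribute(self):
        return self._pay(self.investors)


class BatchedDistributor(PushDistributor):
    """Hardened variant: bounded work per call, progress kept in a cursor."""
    def distribute(self, max_count):
        batch = self.investors[self.cursor:self.cursor + max_count]
        gas = self._pay(batch)
        self.cursor += len(batch)
        return gas


def max_investors_per_call():
    """Largest list one distribute() call can serve under the assumed costs."""
    return (BLOCK_GAS_LIMIT - BASE_TX_GAS) // GAS_PER_TRANSFER


def calls_to_finish(dist, max_count):
    """Drive a BatchedDistributor to completion; return how many calls it took."""
    if max_count < 1:
        raise ValueError("max_count must be at least 1")
    calls = 0
    while dist.cursor < len(dist.investors):
        dist.distribute(max_count)
        calls += 1
    return calls
```

Under these assumed costs the single-call design stops working once the list passes 265 entries, while the batched design keeps making progress at any list length; letting each investor withdraw their own tokens is the other common way to bound the work per call.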

Closing remarks

The recent series of problems on Ethereum is very worrying. The amounts of money involved keep growing, which harms the rights and interests of many ordinary users. I hope the Ethereum team can solve the current performance problems and prevent congestion from recurring.

This article is reproduced from Anquanke (Security Guest).
