S-20200126

Security Intermediate January 26, 2020

Back to All Tasks

Problem Statement

You are tasked with auditing a simple Solidity smart contract designed for a decentralized lottery system. The contract allows users to enter by sending Ether and has a function to distribute the prize to a winner. However, there is a known security vulnerability in this contract that could allow an attacker to drain all the funds from it using a reentrancy attack. Your job is to identify where the vulnerability lies and propose a fix or redesign the vulnerable part of the contract to prevent such attacks. You should also write a test case in Truffle or Hardhat to demonstrate how the vulnerability can be exploited, as well as how your fix prevents this exploitation.

Concepts

  • smart contract vulnerabilities
  • reentrancy attack
  • solidity programming

Constraints

  • The solution must not use Solidity version-specific features beyond 0.8.x
  • Ensure that the contract maintains its original functionality after applying the fixes

Security Notes

  • Always ensure that state changes occur before sending Ether to external addresses in smart contracts to prevent reentrancy attacks.
  • Consider using modifiers or libraries designed to mitigate common attack vectors.

Solutions

Python Solution

// FAILED TO PARSE JSON RESPONSE
// Raw output preserved below (may be incomplete):
{
  "code": "pragma solidity ^0.8.0;\n\ncontract VulnerableLottery {\n    address public owner;\n    mapping(address => uint256) public balances;\n    uint256 public totalPrizePool = 0;\n    bool public isDistributing;\n\n    constructor() {\n        owner = msg.sender;\n    }\n\n    // Function to enter the lottery by sending Ether\    function enterLottery() external payable {\n        require(msg.value > 0, \"You need to send some Ether to participate.\");\n        balances[msg.sender] += msg.value;\n        totalPrizePool += msg.value;\n    }\n\n    // Vulnerable function that can be exploited by a reentrancy attack\    function distributePrize(address payable winner) external {\n        require(msg.sender == owner, \"Only the owner can distribute the prize.\");\n        require(!isDistributing, \"Already distributing prizes.\");\n        isDistributing = true;\n\n        winner.transfer(totalPrizePool); // Reentrancy vulnerability here\n        totalPrizePool = 0;\n        balances[winner] -= totalPrizePool; // This line is redundant after transfer\n\n        isDistributing = false;\n    }\n}\n\ncontract FixedLottery {\n    address public owner;\n    mapping(address => uint256) public balances;\n    uint256 public totalPrizePool = 0;\n    bool public isDistributing;\n\n    constructor() {\n        owner = msg.sender;\n    }\n\n    // Function to enter the lottery by sending Ether\    function enterLottery() external payable {\n        require(msg.value > 0, \"You need to send some Ether to participate.\");\n        balances[msg.sender] += msg.value;\n        totalPrizePool += msg.value;\n    }\n\n    // Fixed distributePrize function preventing reentrancy attack\    function distributePrize(address payable winner) external {\n        require(msg.sender == owner, \"Only the owner can distribute the prize.\");\n        require(!isDistributing, \"Already distributing prizes.\");\n        isDistributing = true;\n\n        uint256 prizeAmount = totalPrizePool;\n        balances[winner] -= prizeAmount; // Update balance before sending Ether\n        totalPrizePool = 0;\n        winner.transfer(prizeAmount); // Send Ether after updating state\n\n        isDistributing = false;\n    }\n}\n",
  "explanation": "This solution includes two versions of a decentralized lottery smart contract: the original vulnerable version and a fixed version that prevents reentrancy attacks.\nThe VulnerableLottery contract has a distributePrize function where Ether is sent to the winner before updating the state. This allows an attacker to recursively call this function, draining all funds from the contract.\nIn the FixedLottery contract, the order of operations in the distributePrize function is changed to prevent reentrancy attacks. The balance for the winner and the total prize pool are updated before sending Ether. This ensures that state changes occur before any external calls (sending Ether), following best practices for smart contract security.\nBy ensuring that all state updates happen before making an external call, the risk of reentrancy attacks is mitigated, maintaining the original functionality of the lottery system while enhancing its security."
}

The model produced malformed JSON. Raw response preserved in code field for manual review.