This repository has been archived by the owner on Jul 19, 2019. It is now read-only.
🔒 Fix DoS vulnerability in Credit Protocol contract #33
+1
−1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#executeUcacTx
is an inexpensive and unauthenticated function that increases the transaction counter for a UCAC without actually performing a transaction, up to that UCAC's transaction limit.A motivated attacker can call this function continuously to perform a denial-of-service (DoS) attack on a UCAC, preventing legitimate transactions using that UCAC from being processed.
Once started, this attack can be maintained indefinitely.
Potential mitigations/effects on a live contract include:
An attack on a UCAC may incentivize its stakeholders to unstake their tokens.
The fewer tokens staked in a UCAC, the less expensive the attack becomes to perform and maintain.
Staking more tokens in the UCAC will increase the transaction limit, thus increasing the cost to perform and maintain the attack.
The best mitigation for this attack, then, for a live contract, would be for token holders to stake enough tokens in the affected UCAC to make the attack too expensive for the attacker to maintain.
This PR mitigates the vulnerability by reducing the visibility of the
#executeUcacTx
function toprivate
, allowing it to only be called by other functions within the contract.