0

I have a few questions on the Short Address attack:

  1. Is it possible to apply this attack on a function which does not take encoded byte-code as input and execute it, for example - function func(bytes data)?

  2. If yes, doesn't this mean that one should verify msg.data.length in every public or external function?

  3. If a function of mine verifies the value of msg.sender (doesn't matter how, but let's assume that the function can determine whether or not I trust this sender) - am I still at any risk of a non-verified sender calling it with malicious data?

I have found several partially-related answers on this website (one of them to my own question), but I have not been able to decide how this attack should be handled with in my solidity code (off-chain code is not critical as far as I'm concerned):

  1. Answer 1
  2. Answer 2
  3. Answer 3

The majority opinion seems to be that such protection should not be added on-chain.

In my 3 questions above, I am trying to determine whether or not I can feel safe with that.

Thank you very much!!!

UPDATE:

As I mentioned above (and to the reader who closed this question as duplicate by specifying a question which I have explicitly linked here):

I have found several partially-related answers on this website (one of them to my own question), but I have not been able to decide how this attack should be handled with in my solidity code (off-chain code is not critical as far as I'm concerned):

  1. Answer 1
  2. Answer 2
  3. Answer 3

Moreover, I have linked here both answers to the question suggested as a duplicate of mine (1 and 2 above), one of which was given by this reader (who apparently didn't bother to read through).

So again - the question (not answered anywhere within the linked material) - should I handle this attack on-chain or off-chain?

Thanks again!

goodvibration
  • 26,003
  • 5
  • 46
  • 86
  • 2
    Possible duplicate of Validating msg.data.length – Ismael Dec 10 '18 at 18:22
  • @Ismael: I think you didn't bother to read through. I have linked both answers to the question which you have suggested as duplicate (one of them being yours!!!). None of them answers my specific question - should I handle the Short Address attack on-chain or off-chain? – goodvibration Dec 10 '18 at 18:33
  • IMHO you should consider it on a case by case basis. In some cases it is desirable for smart contracts to take some measures but for most smart contracts it doen't add more security. Also I don't remeber a public incident where short address attack was used successfully. – Ismael Dec 10 '18 at 18:39
  • @Ismael: Thank you. So what I'm basically looking for is the criterion by which I can determine what case I'm at. – goodvibration Dec 10 '18 at 19:41
  • @Ismael: Regarding "public incident where short address attack was used successfully", I think that Parity had a security bug which allowed such attack via dynamic invocation of byte-code made in the fallback function (or maybe it was in some MultiSig contract by Parity). – goodvibration Dec 10 '18 at 19:51
  • The two more important bugs in Parity Multisig wallet are unrelated to short address attack: initWallet not protected, selfdestruct bug. – Ismael Dec 11 '18 at 04:07

0 Answers0