ERC223 Smart Contract Breach and Resolution - Vulnerability Relating to the Concurrent Implementation of ERC223 and ds-auth
Vulnerability Evaluation
Severity of Vulnerability: Severe
Contract Affected: atn-contracts
How Affected: Token Supply Altered
Abstract:
On May 11th, 2018 at 11:46 AM, the ATN technical team was alerted to an abnormal change in the ATN (ERC223 token) total token supply. Upon investigation, it was quickly discovered that the ATN token contract had been the victim of an attack. The ATN technical team was able to determine that the concurrent implementation of the ERC223 token standard along with the ds-auth database may have led to a rare vulnerability in authorization. The technical team was able to immediately patch the bug, freeze the additional tokens issued by the attacker, and track all transactional records of the attacker. At the meantime, ATN reached an agreement with SlowMist, a specialized blockchain ecosystem security company, to collaborate and re-audit ATN's ERC223 smart contract. During the auditing process, SlowMist gave full approval to ATN's efficient and immediate response to the vulnerability. The repair measures taken by ATN were lauded by SlowMist and the repaired ERC223 contract passed SlowMist's rigorous audit.
Vulnerability Analysis and Events of the Attack
In order to overcome the problem of lost tokens common with ERC20 and to implement the ability for receivers to handle contracts after receiving tokens, ATN decided to adopt the ERC223 token standard for its tokens at inception, along with implementing the apphub/ds-auth database. When ERC223 and ds-auth are used separately, there is no issue. However, when used in conjunction, it allowed the attacker to use the callback function to callback setOwner and gain administrative authority. The attacker was then able to capitalize on this vulnerability to change the owner of the ATN token contract to an address under their control. After rerouting ownership to their own address, the attacker attacked the ATN contract by creating a transaction using the mint function, sending ATN tokens to another address. Afterwards, the attacker then used setOwner to restore authority in an attempt cover up the attack.
Corresponding Measures
After tracing the attacker's activities, it appeared that the attacker had sent the minted ATN tokens to 14 different Ethereum addresses. However, there were no ETH in these addresses to be used as gas, and thus there was no risk of these tokens being transferred to and sold on exchanges. Upon discovery of the attack, the ATN team immediately froze the attacker's ATN addresses and restored ATN's original total token supply. The following steps were performed, in combination with the goal of tracking and possibly identifying the attacker:
Prepared restoration measures, implemented Guard contract to prevent the sending of ATN tokens to the ATN smart contract address in order to block the callback function. Added a blacklist contract in order to freeze any ATN addresses controlled by the attacker.
Monitored ETH balances in the attacker's addresses and any potential exchange deposit activity resulting from the attacker, in order to potentially obtain evidence of the attacker's identity.
After tracing and confirming the attacker's activities, activated the restoration measures and blacklisted all of the attacker's ATN addresses.
The ATN Foundation burned the equivalent number of ATN tokens to restore the original total token supply. The hacked tokens will be replaced when ATN launches its mainnet and migrate to its own network token standard.
The ATN team monitored the attacker's activities until the attacker deposited 1,000 ATN to an exchange address, at which point the ATN team immediately deployed the Guard safe restore contract to freeze the attacker's ATN addresses. As well, the ATN team was able to obtain the following transactional evidence of the attacker moving ATN tokens to the exchange address: https://etherscan.io/tx/0x18bd80b810f6a6b6d397901d677657d39f8471069bcb7cfbf490c1946dfd617d
This means that the attacker's KYC identity may potentially be obtained. ATN are actively cooperating with the exchange to track the attacker, and may take any legal actions necessary.
In addition, the ATN foundation burned the amount of ATN tokens corresponding to the amount minted by the attacker, restoring ATN's total supply. Upon the mainnet launch of ATN, the team will snapshot the token addresses and remove the corresponding amount of assets from the attacker's addresses.
Characteristics of ERC223 and the ATN Token
ERC223 is an upgraded backwards compatible version of ERC20 that provides better token functionality, and allows the ability to handle contracts after they have been transferred. Learn more about ERC223 here: https://github.com/ethereum/EIPs/issues/223
ERC223 naturally supports cross-chain, which can be used for AI Market cross-chain token payments.
Because the ATN token was originally intended to be used as fuel, users or DApps will use ATN as a form of payment. Hence, after transacting ATN, the token contracts should naturally have the ability to trigger a type of service logic after funds are received.
Additionally, ERC20 tokens cannot launch crowdfunding contracts. However, ATN ERC223 tokens have this capability. Please refer to ATN Swap contracts: https://github.com/ATNIO/atn-contracts/blob/master/src/AGT2ATNSwap.sol
Conclusion
Contract security is no small issue. Due to the complex design of the ATN ERC223 smart contract with multiple built-in functions and governance mechanisms, it proved difficult and complex for auditing. Prior to going on-chain, the ATN ERC223 contract had already undergone multiple internal and external audits, but despite this we can see that there remained undetected vulnerabilities. Blockchain contract security relies solely on the experience and capability of the developers, meaning that there is always room for error. Previous security vulnerabilities in blockchain contracts have shown this, for example the infamous DAO hack, the ERC20 security breaches with EDU, BAIC, SMT, etc., as well as the recent batchOverflow vulnerability.
The ATN technical team were able to rely on their extensive experience in Ethereum contract deployment and quick recovery/defense action to minimize the damages of this attack, with virtually no financial loss suffered. Quick and decisive measures had to be taken in order to protect the wellbeing of the ATN community.
The experience of this ERC223 contract security breach can hopefully provide an example vulnerability review and repair case study for other ERC223 users in the Ethereum community, prevent other projects from suffering the same attack, and contribute positively towards the continued ecological development of Ethereum as a whole.
Prior to the ATN mainnet going live, the ATN technical team will continue to monitor the token's contract and status. ATN will also continue to work closely with specialized blockchain auditing agencies such as SlowMist to ensure the robustness of its contract security. ATN will make its code open-source just prior to mainnet launch and engage its community and partners for bug bounty to ensure a safe and secure future for ATN.
ATN's Cooperation with Slow Mist
Slow Mist is a specialized blockchain ecosystem security company. Its founding team has extensive experience in cybersecurity systems, and come from backgrounds working in Google, Microsoft, W3C, China's Ministry of Public Security, Tencent, Alibaba, and Baidu. The team's core responsibilities include security auditing, defense deployment, as well as tracking and defending against hackers.
After taking measures against the security breach, the ATN team immediately contacted SlowMist to submit a vulnerability report (in Chinese) and to seek consultation. The team fully cooperated with SlowMist to carry out any further necessary security procedures for ensuring the security of ATN contracts. SlowMist gave full scores after their audit and published a report on the security of ATN contracts based on ERC223.
The cooperation of blockchain projects and blockchain security companies is not only necessary for protecting the project itself against security breaches in the short-term, but also key for the long-term health of the blockchain ecology as a whole.