Renaissance Labs

Posted on Mar 07, 2022Read on Mirror.xyz

Learn Solidity Series 11: Important things

Overflow

Solidity 可以处理 256 位数字, 最高为 2^256 - 1, 所以对 (2^256 - 1) 加 1 会导致归 0。同理, 对 unsigned 类型 0 做减 1 运算会得到 (2**256 - 1)

pragma solidity 0.4.18;
contract OverflowUnderflow {
    uint public zero = 0;
    uint public max = 2^256 - 1;
    // zero will end up at  2^256 - 1
    function underflow() public {
        zero -= 1;
    }
    function overflow() public {
        max += 1;
    }
}

Underflow

比如, 账号 A 持有 X tokens, 如果他发起一笔 X + 1 tokens 的交易, 如果代码不进行校验, 则账号 A 的余额可能发生 underflow 导致余额变多.

可以引入 SafeMath Library 解决:

pragma solidity 0.4.18;
library SafeMath {
    function mul(uint256 a, uint256 b) internal pure returns (uint256) {
        if (a==0) {
            return 0;
        }
        uint c = a * b;
        assert(c / a == b);
        return c;
    }
    function div(uint256 a, uint256 b) internal pure returns (uint256) {
        uint256 c = a / b;
        return c;
    }
    function sub(uint256 a, uint256 b) internal pure returns (uint256) {
        assert(b <= a);
        return a - b;
    }
    function add(uint256 a, uint256 b) internal pure returns (uint256) {
        uint256 c = a + b;
        assert(c >= a);
        return c;
    }
}
contract OverflowUnderflow {
    using SafeMath for uint;
    uint public zero = 0;
    uint public max = 2 ** 256 - 1;
    function underflow() public {
        zero = zero.sub(1);
    }
    function overflow() public {
        max = max.add(1);
    }
}

Visibility 与 Delegatecall

  • Public functions 可以被任意地址调用
  • External functions 只能从合约外部调用
  • Private functions 只能从合约内部调用
  • Internal functions 允许从合约及其子合约调用

External functions 消耗的 gas 比 public 少, 因为其使用 calldata 而 Public 需要复制所有参数到 memory。

Delegatecall

Delegatecall is identical to a message call apart from the fact that the code at the target address is executed in the context of the calling contract and msg.sender and msg.value do not change their values. This means that a contract can dynamically load code from a different address at runtime. Storage, current address and balance still refer to the calling contract, only the code is taken from the called address.

这个特性可以用于构建 Library 和模块化代码. 但是与此同时, 这也有可能造成别人对你的代码进行操作。

下例中, 攻击者调用 pwn 方法获得了合约的拥有权。

pragma solidity 0.4.18;
contract Delegate {
    address public owner;
    function Delegate(address _owner) public {
        owner = _owner;
    }
    function pwn() public {
        owner = msg.sender;
    }
}
contract Deletagion {
    address public owner;
    Delegate delegate;
    function Delegation(address _delegateAddreses) public {
        delegate = Delegate(_delegateAddreses);
        owner = msg.sender;
    }
    // an attacker can call Delegate.pwn() in the context of Delegation, this means that pwn() will modify the state of **Delegation** and not Delegate, the result is that the attacker takes unauthorized ownership of the contract.
    function () public {
        if(delegate.delegatecall(msg.data)) {
            this;
        }
    }
}

ARWEAVE TX

JrahMATX5bVi4FOYb2VrlyuF7XCCGpYLMx3pVSdsVls

ETHEREUM ADDRESS

0x9B5b7b8290c23dD619ceaC1ebcCBad3661786f3a

CONTENT DIGEST

0JOvBH5JK7Q0dARX3sxb9kw38WfILuqRpbvkyxPoI2s

Recommended Reading
🚀TrendX Financing Daily News 04/27/2024🚀TrendX Financing Daily News 04/26/2024Hekla testnet (with blobs) is now live!