The Ethereum Bug That Could Have Made You Rich!
You may have missed a great opportunity to become a Ethereum millionaire!
A major bug, filed under the title “Ethereum account balance manipulation,” allowed for accessing an unlimited supply of ethers in your wallet by following a series of steps involving a smart contract execution with a faulty transaction or a faulty address wallet. But the opportunity is gone, as the bug is now fixed. (See also, $150 Million+ in Ethereum Accidentally “Frozen”, May Need Hard Fork.)
How did the Drama Unfold?
A Dutch fintech firm called VI Company identified and reported the vulnerability to Coinbase during December of last year. The largest cryptocurrency exchange of the U.S. promptly took action, but it took almost a month to fix the bug by the later part of January. (See also, Coinbase: What Is It and How Do You Use It?)
The VI Company was rewarded by the Coinbase exchange with a bounty amount of $10,000 for its candid reporting of the issue, and the issue was publicly disclosed.
How did the Bug Allow Unlimited ETH Supply?
Ethereum uses smart contracts as an integral part of its network. The vulnerability existed during fund transfer through smart contracts in the following scenario.
Say, a user used smart contracts to distribute ethers over a set of multiple wallets. This standard exercise would result in multiple transactions on the Ethereum network. If one such intermediate transaction fails, all the other transactions prior to it will also be reversed due to the working mechanism of the smart contracts. (See also, Ethereum Smart Contracts Vulnerable to Hacks: $4 Million in Ether at Risk.)
However, the problem occurs on the Coinbase account where these transactions will not be reversed. That allowed for a person to add an infinite number of ethers to their balance. Though looking up the Coinbase wallet address will reveal that it is not credited with any ethers, the person’s Coinbase wallet will show the tokens.
Essentially, a user could use a smart contract to initiate fund transfer that is split across hundreds of transactions. If the user purposely sets a faulty transaction at the end, all the earlier ones will get reversed, crediting his/her wallet with the cumulative amount of tokens.
HackerOne lists the following steps by VI Company to reproduce the problem:
- Set up a smart contract with a few valid Coinbase wallets and one final faulty wallet that always throw exception when receiving funds smart contract
- Transfer appropriate funds to the smart contract
- Without leaving the smart contract wallet, start executing the smart contract. It will add the set amount of ether to the Coinbase wallets. Since the complete transaction will fail at the last wallet, all prior transactions will reverse, but they will not reverse on the Coinbase account.
- The person executing this procedure can now cash out, or transfer the desired ethers to other wallet
Though there are no reports yet of any big violations or misuse due to this bug, Coinbase has confirmed the “accidental loss”. In a summary note, Coinbase mentions, “The issue was fixed by changing the contract handling logic. Analysis of the issue indicated only accidental loss for Coinbase, and no exploitation attempts.” (See also, Can Bitcoin Be Hacked?)
Source: Read Full Article