RIDE security audit service

We offer a RIDE smart-contract security audit service.
We will make sure that your project does not contain security holes.

Persons

Ilya “buggzy” Teterin. Expert in information security since 2001, mostly “white-hat”.
Artem “bodrych” Badrtdinov. Graduated information security specialist.

Case: Neutrino stablecoin

What is Neutrino stablecoin: an algorithmic stablecoin project backed by WAVES founder Sasha Ivanov
Description: An attacker can predict the stablecoin's exchange rate and make an extremely large profit from trading
Threat: The smart contract's balance will smoothly flow to the attacker
Limitation: None
Type of attack: weak architectural solution
Proof in blockchain:
https://wavesexplorer.com/address/3P6bXu74Bf3dF4B19Y15i4rfB9BngzLFeu9/tx

Case: WAVESBET

What is WAVESBET: blockchain gambling software backed by John McAfee
Description: An attacker can create a specific transaction to get a 100% chance of winning his bet.
Threat: Withdraw all tokens from the contract in one action.
Limitation: The attacker must be a mining node owner.
Type of attack: manipulation of the random number generator in the blockchain.

Case: Ventuary DAO

What is Ventuary DAO: a crowdfunding platform backed by the WAVES LABS incubator
Description: An attacker can arbitrarily multiply his account value and then withdraw all tokens from the contract.
Threat: Withdraw all tokens from the contract in several transactions.
Limitation: The attacker must have an account with a successful crowdfunding campaign
Type of attack: double spend
Proof in blockchain (triple spend, actually unlimited):
https://wavesexplorer.com/tx/AR8sqidQLukEtM9dhBMRMMZ2MjgGPtSB3Vr7jMGUnB81
https://wavesexplorer.com/tx/FY8xyob8aDZobcLo4yGRKad3uhE28wj36DH4Q2aeeTEE
https://wavesexplorer.com/tx/4xa7ViuEouVQ5JnL7ZE6gSQyNghVatSUVQPnJVRNn68K

Case: play2win (ethereum)

What is play2win: ranked #1 by dappradar in the category “ethereum/gambling”
Description: An attacker can predict the bet result and cancel the bet if it is unlucky
Limitation: The owners of the game generally disable payouts from this contract even if a bet has been won. But sometimes payouts are enabled, and the attacker can then win one or two bets before payouts are disabled again.
Threat: The attacker withdraws the balance by winning all his bets
Type of attack: bet cancellation inside the currently mined block

Case: space dice (ethereum)

What is space dice: an indie game on the ethereum blockchain, currently being redesigned to a commit-reveal architecture because of the described breach
Description: An attacker can predict the bet result and cancel the bet if it is unlucky
Limitation: None
Threat: The attacker withdraws the balance by winning all his bets
Type of attack: bet cancellation inside the currently mined block

Contacts

Telegram: @buggzy2 @bodrych
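The WAVESBET, play2win and space dice cases share one root cause: the bet outcome is knowable or steerable by one party while the bet can still be cancelled or selectively mined. The commit-reveal architecture mentioned for space dice closes that window, because no outcome exists until the house reveals a secret it committed to before the bet was placed, and by then the bet is locked. Below is an added example written for this page, not code from the original post or from any project named in the thread; it is a Python model of the exchange rather than a RIDE or Solidity contract, `DiceGame` and its method names are hypothetical, and all secrets and seeds are constructed values.

```python
import hashlib
from dataclasses import dataclass

# Added example (not the original post's or any named project's code).
# Model of a commit-reveal dice round: house commits -> player bets (locked)
# -> house reveals -> contract resolves. Outcome depends on BOTH the house
# secret and the player's seed, so neither side can compute it while the
# bet is still open, and there is no result to peek at and cancel.

SIDES = 6               # outcomes 1..6
PAYOUT_MULT = SIDES - 1 # winner receives stake back plus stake * 5


def make_commitment(house_secret: bytes) -> str:
    """All the player sees before betting: the hash of the house secret."""
    return hashlib.sha256(house_secret).hexdigest()


def derive_outcome(house_secret: bytes, player_seed: bytes) -> int:
    """Fixed only at reveal time; mixes both parties' inputs."""
    digest = hashlib.sha256(house_secret + player_seed).digest()
    return int.from_bytes(digest[:8], "big") % SIDES + 1


@dataclass
class Bet:
    player: str
    guess: int
    stake: int
    player_seed: bytes
    placed_at: int  # block height when the bet was locked


class DiceGame:
    """Hypothetical game state; balances are a simple ledger for the demo."""

    def __init__(self, house_balance: int, reveal_window: int = 10):
        self.height = 0
        self.house_balance = house_balance
        self.balances: dict = {}   # player -> wallet balance
        self.bets: dict = {}       # commitment -> open Bet
        self.used: set = set()     # every commitment ever accepted
        self.reveal_window = reveal_window

    def mine_block(self) -> None:
        self.height += 1

    def fund(self, player: str, amount: int) -> None:
        self.balances[player] = self.balances.get(player, 0) + amount

    def place_bet(self, commitment: str, player: str, guess: int,
                  stake: int, player_seed: bytes) -> None:
        if not 1 <= guess <= SIDES:
            raise ValueError("guess out of range")
        if commitment in self.used:
            raise ValueError("commitment already used")  # one bet per secret
        if self.balances.get(player, 0) < stake:
            raise ValueError("insufficient player balance")
        if stake * PAYOUT_MULT > self.house_balance:
            raise ValueError("house cannot cover the payout")
        self.used.add(commitment)
        self.balances[player] -= stake
        self.house_balance += stake
        self.bets[commitment] = Bet(player, guess, stake, player_seed, self.height)

    def reveal(self, house_secret: bytes) -> int:
        """House opens its commitment; must happen inside the reveal window."""
        commitment = make_commitment(house_secret)
        bet = self.bets.get(commitment)
        if bet is None:
            raise ValueError("no open bet for this commitment")
        if self.height - bet.placed_at > self.reveal_window:
            raise ValueError("reveal window expired; player may claim")
        outcome = derive_outcome(house_secret, bet.player_seed)
        del self.bets[commitment]          # resolve before paying out
        if outcome == bet.guess:
            payout = bet.stake * SIDES
            self.house_balance -= payout
            self.balances[bet.player] += payout
        return outcome

    def cancel_bet(self, commitment: str, player: str) -> int:
        """Only path out of a locked bet: the house failed to reveal in time.
        A timeout is treated as a house loss, so withholding never pays."""
        bet = self.bets.get(commitment)
        if bet is None:
            raise ValueError("no open bet (already resolved or never placed)")
        if bet.player != player:
            raise PermissionError("not the bettor")
        if self.height - bet.placed_at <= self.reveal_window:
            raise ValueError("house still within its reveal window; bet is locked")
        del self.bets[commitment]
        payout = bet.stake * SIDES
        self.house_balance -= payout
        self.balances[player] += payout
        return payout


if __name__ == "__main__":
    game = DiceGame(house_balance=1000)
    game.fund("alice", 100)
    secret = b"constructed-house-secret"     # constructed demo value
    commitment = make_commitment(secret)
    game.place_bet(commitment, "alice", guess=3, stake=10, player_seed=b"alice-seed")
    print("outcome", game.reveal(secret), "balances", game.balances, game.house_balance)
```

The two checks that matter are in `cancel_bet` and `reveal`: a player cannot cancel while the house is still within its reveal window, and the house cannot reveal a secret that does not hash to the stored commitment or reuse a commitment for a second bet. Treating a missed reveal as a house loss removes the remaining incentive for the house to withhold a losing reveal; a real contract would also need to enforce transaction ordering and fee handling that this ledger model ignores.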


Nice showcase.

Did you write some tools for the audit? It looks like it’s done totally with bare hands.

How much, how long and what guarantees?

Automation was not used except the trading bot for Neutrino.

This will not be a public offer with a public price. Individual conditions for each project. This will be a sort of bug bounty: the customer will pay the full amount only for detected issues.

It is a very interesting offer: full price for issues only.

Are you planning on presenting your results here? Just like the first three.

Added two cases in ethereum