TIM 4 

Meet Our Team Brief overview Three Bachelors in the Computer Engineering. We are also Friends who are passionate about technology and learning new things on a daily basis 

Security Smart Contracts on Ethereum 

What is a Blockchain? 01 A blockchain is a growing list of data blocks that are linked together, which can be used for many things, including cryptocurrencies. 02 03 The data blocks are linked together, such that old blocks cannot be removed or altered. Blockchain could be regarded as a public ledger and all committed transactions are stored in a list of blocks. 

What is Ethereum? Moreover, the block validation process involves network miners to determine whether a particular block is valid. Block generation method differs in different platforms, such as Ethereum, Bitcoin, Hyperledger, etc. Ethereum is a blockchain platform with its own cryptocurrency, called Ether (ETH) or Ethereum, and its own programming language, called Solidity. A miner with a valid hash is awarded Ether, and the generated block is then added to that particular blockchain. The block generation time of Ethereum is roughly 12-15 seconds. 

What is a smart contract? Ethereum is one of the major platforms which is used for the development of a smart contract. A smart contract is an agreement between two people in the form of computer code They run on the blockchain, so they are stored on a public database and cannot be changed 

What is a smart contract? Total cycle of smart contract execution over Ethereum blockchain. • Two parties reach an agreement • Developer write code using Solidity. • The code is then compiled to bytecode for the EVM to process. • Miners’ involvement is required for processing the contract to the blockchain. • Once included, the contract gets processed on the event scheduled date, triggered by the written code. • The execution of the contract releases the payment to the appropriate party, which can later be verified by anyone 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Centralization • Centralized because the entire system works like one. • Centralized unaccountable parties hold unequivocal power to change the terms and conditions of the game at their volition. • Centralized system propagates a mono-culture of information, as the central node starts to control what information is trusted or ranked higher than the other. Threats 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Attacks 51% Attack • The Majority Attack (51% Attacks). If someone has more than 51% computing power, then he/she can find Nonce value quicker than others, means he/she has authority to decide which block is permissible. • The attackers would be able to prevent new transactions from gaining confirmations, allowing them to halt payments between some or all users. • They would almost certainly not be able to create new coins or alter old blocks. • A 51% attack would probably not destroy Bitcoin or another blockchain-based currency outright, even if it proved highly damaging. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Mitigations Decentralization • Blockchain technology is a very good example of this as it involves nodes that interact with each other directly instead of through a central node. This is also called Peer-to- Peer (P2P) networking. • Decentralization is a very impactful invention as it brings into play a way for people to communicate and exchange resources without the need for a central authority to govern the interactions. • Since the nodes have equal authority and that the information of each node is not stored in a central, even if one node of the network is hacked none of the other nodes are directly compromised. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Mitigations Consensus algorithms • Algorithms used to allow the nodes in a network to come to an agreement on a particular decision (i.e. achieve a consensus). • Two main levels: Crash Fault Tolerance (CFT) and Byzantine Fault Tolerance (BFT). • CFT level algorithms ensure that the entire system can still function properly (and thus still reach a consensus) even if there are components which have fault. • BFT level algorithms assume that every component has the potential to crash or be a source of malicious activity, thus it assumes a certain number of the nodes are malicious and ensures that the system will remain unaffected even if those nodes do turn out to crash/be a source of malicious activity. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Assets Confidential information • passwords • browsing history • saved cookies 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Integer Overflow/Underflow • An unsigned integer in Solidity is defined as uint256. Each uint256 is limited to 256 bits in size translating to any integers between 0 and 4,294,967,295 (2 256 −1). • If an integer variable assigned to a value larger than this range, it resets to 0; if the variable assigned to a value less than the range, it would be reset to the top value of the range. • For example, when a positive number is subtracted from 0 it will result an integer of 2 256−1. • The attacker exploited this vulnerability to steal Ethers through such an integer underflow attack. Threats 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Attacks Integer Overflow/Underflow attack • The Proof-of-Week-Hands (POWH) Coin is a Ponzi scheme developed by a group of people using smart contracts. It had been attacked due to an integer overflow/underflow problem in 2018. The attacker drained around 2,000 Ethers because of the insecure operations of integers. • If an attacker has a target account holding 0 Ether, an attack example works as the following steps: • First, the attacker sends 1 Wei to a target contract. (Wei is the smallest denomination of Ether in Ethereum — 1 Ether is worth 1018 Weis.) • The target contract will deposit the fund to the sender’s account. 

Attacks Integer Overflow/Underflow attack • Next, the attacker requests to withdraw 1 Wei, and the sender’s balance will be updated to 0 Wei by subtracting 1 Wei. • When the target contract sends the fund to attacker’s contract, the attacker’s fallback function will be triggered so that a subsequent withdrawal is requested again. • Now when the contract updates the balance by subtracting 1 from 0, the balance becomes -1. • Due to the integer under/over flow issue, the attacker’s balance will be automatically reset to 2 Weis. Using a repeating mechanism the attacker is able to steal all funds from the victim’s account. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Mitigations ZEUS • ZEUS can verify the correctness of smart contracts and validate their fairness • Combining an abstract interpreter with a symbolic model checker, ZEUS verifies the safe programming practices of the vulnerable smart contracts. • ZEUS outperformed OYENTE with less false positive rate and less analysis time. • The tool ZEUS detects six security vulnerabilities in smart contracts including integer overflow/underflow, Destroyable / Suicidal contract. • ZEUS takes two inputs, that is, the smart contract source code in Solidity and a security policy written in an specific language to verify the vulnerabilities. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Mitigations OYENTE • OYENTE is a static analysis tool which detects the security vulnerabilities. • The vulnerabilities include integer overflow/underflow threats. • Upon the detection of any problem, OYENTE pinpoints the specific line of the smart contract source code which contains any security vulnerability. 

Mitigations OYENTE • OYENTE has four modules, CFGBuilder, Explorer, CoreAnalysis, and Validator. • CFGBuilder builds a control flow graph for the smart contract bytecode. In the control flow graph, each node represents a basic execution block; the edges represent the execution jumps between the blocks. • Explorer executes the smart contract code symbolically. The output from the Explorer are fed as the input to the CoreAnalysis component. • The identified vulnerabilities are targeted to implement the logic in the CoreAnalysis module. • In the end, the Validator module filters out the false positives from the results, and the final results are visualized to the users. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Destroyable / Suicidal contract • Contract is susceptible to be destroyed by unauthorized users. • A destroyable contract refers to the smart contract subject to be terminated or killed by an anonymous suicide instruction called by any external user account or another smart contract. • The self-destruct function in the smart contract is usually executed by its owner whenever an attack or emergency incident is detected. • The self-destruct function should be aware of the user who is executing it, and it should allow the kill method invoked by the legitimate owners only Threats 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Attacks Parity multisig wallet attack • The parity multisig wallet attack happened because of the lack of a proper access modifier to the external library functions. • The attacks like the partiy multisig wallet problem are partially addressed because it is impossible to avoid all the invocations that are called to the public external functions. • The solution for this problem is to use a private modifier to the functions in the external library and use a locking mechanisms to avoid sending fund or changing state without the owner’s permission. 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Assets Digital assets 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Attackers Attackers • states • individual hackers • organizations 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Malicious Acts • It involves infecting miners system with malware to have the incentive directed to the attacker’s wallet • Regardless of the victim’s location, mining malware can be exploited from any part of the world Threats 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Attacks Cryptojacking • The threat actor compromises a website • Users connect to the compromised website and the cryptomining script executes • Users unknowingly start mining cryptocurrency on behalf of the threat actor • Upond successfully adding a new block to the blockchain, the threat actor receives a reward in cryptocurrency coins 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Weak Protocol • Exploits due to weak consensus have been very common lately, although it can often be very expensive • Successfully executed attacks can remove blocks from the chain, completely destroy the block chain or gain complete control over the price of cryptocurrency Threats 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Attacks Sybil Attack • Disproportionate control • Fake identities • Influence other nodes • Establish several malicious nodes 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Mitigations Know Your Customer • It require that professionals make an effort to verify the identity • The procedures fit within the broader scope of a bank's anti- money laundering (AML) policy • KYC processes are also employed by companies of all sizes for the purpose of ensuring their proposed customers, agents, consultants, or distributors are anti-bribery compliant, and are actually who they claim to be 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

Threats Attacks Mitigations Sibyl attacks [17] Assets Attackers Individual hackers Organizations MODEL Digital assets States Weak Protocol [17] KYC [17] Complete Photographic replacement [25] Face Morphing [25] Face Swapping [25] Identity Deletion [25] Portait seal [25] 

Attacks Attacks on the KYC • Complete Photography Replacement • Face Swapping • Face Morphing • Identity Deletion 

Mitigations Portrait seal • Аuthenticity of portrait • A distance between two signatures vectors • Salient points 

Threats Attacks Mitigations Consensus Algorithms [23][14] Antivirus/anti-malware software [17] ZEUS [23] Oyente [23] Cryptojacking [17] Integer Overflow/Underflow Attack [23] Sibyl attacks [17] Parity Multisig Wallet Attack [23] Malicious Acts [17] Destroyable / Suicidal contract [23] Integer overflow/underflow [23] Assets Attackers Individual hackers Organizations MODEL Centralization [4] [23] Decentralization [4] [23] 51% Attack [4] [23] Digital assets States Confidential information Weak Protocol [17] KYC [17] 

THANK YOU