much of ETH and cause of a hard-fork - The DAO Attack is caused by re-entrancy - How to block re-entrancy in CosmWasm and LINE Blockchain The DAO Attack / Re-entrancy NFT Contracts - How NFT contracts are implemented Dynamic Link - Smart contracts interaction method developed by LINE - Taking advantages of WASM - Comparison between other chains (Ethereum, CosmWasm)
Interaction of Smart Contract - Desirable Features for Interactions - Blocking Re-entrancy - Interface Validation/Detection - Traditional Interaction Methods - Etheream: External Call - CosmWasm: Submessages / Reply - Dynamic Link: Method Developed by LINE
Interaction of Smart Contract - Desirable Features for Interactions - Blocking Re-entrancy - Interface Validation/Detection - Traditional Interaction Methods - Etheream: External Call - CosmWasm: Submessages / Reply - Dynamic Link: Method Developed by LINE
of records named block - Blockchain is a list of records - Example of records - “Alice sent 10LN to Bob” - “It is rain in Tokyo on 2022/11/13” - “Alice will pay 42LN to Bob if it will be rain in Tokyo on 2022/11/30” Records
- Smart Contract’s code is recorded in a block - Users can call them - Results are recorded in chain - Able to use other chain features - Smart Contract enables to add new logics to chain - Insurance Contract - Licence Register
smart contract - When users or contracts call another contract, - Instantiating a VM - With the storage of the callee - Executed with input from the entry point of the code - code parses the message - code executes some logic VM VM Storage call Code
NFT contract - Map of Avatar to license owners are recorded in the storage - Users can read or write info via exported functions in code - “listOwnedBy(who)” - “ownerOf(id)” - “buy(id)” - “transferFrom(who, who, id)” - These licenses are one of NFTs Avatar Shop foo : Alice bar : Bobr Code ownerOf(bar) buy(foo) transferFrom(Alice, Bob, foo) Bob succeed succeed listOwnedBy(Bob) [bar] Alice
a-bar b-foo b-bar Interaction Example: Agent Each smart contracts can interact with other contracts - Agent: a contract which is agent for translation of licenses - Example functions - Listing one’s license (uses “listOwnedBy”) - Mediating trades of licenses (uses “transferFrom”) a-foo: Alice a-bar: Bobr Avatar Shop Paint Shop Banner Shop Agent Alice Bob p-foo: Alice p-bar: Alice b-foo: Bobr b-bar: Bobr
Interaction of Smart Contract - Desirable Features for Interactions - Interface Validation/Detection - Blocking Re-entrancy - Traditional Interaction Methods - Etheream: External Call - CosmWasm: Submessages / Reply - Dynamic Link: Method Developed by LINE
attacking using it 100LN Balance Mallory can receive 1LN pay_to(Mallory) pay 1LN to Mallory then delete Mallory can receive 1LN Mallory can receive 1LN If the storage has Mallory when_I_am_paid call pay_to(Mallory) pay call pay call pay before commit! … Agent - Re-entrancy vulnerability is the cause of “The DAO Attack” - Caused by inadequacy of lock for the storage - Before delete “Mallory can receive 1LN” - Mallory can withdraw from their balance multiple times - Can withdraw ALL balances
supporting specified interface - Function to validate that the contract supports specified interface - Agent wants to know which is the shop contract - Shop publishes its interface - Agent asks shops whether it has the “License Shop Interface” Agent listOwnd whoOwns buy Avatar Shop License Shop Interface transferFrom listOwnd whoOwns buy Paint Shop License Shop Interface transferFrom Call functions Is it a license shop? Yes, it has License Shop Interface
Interaction of Smart Contract - Desirable Features for Interactions - Blocking Re-entrancy - Interface Validation/Detection - Traditional Interaction Methods - Etheream: External Call - CosmWasm: Submessages / Reply - Dynamic Link: Method Developed by LINE
another smart contract VM VM Storage call Code - When users or contracts call another contract, - Instantiating a VM - With the storage of the callee - Executed with input from the entry point of the code - code parses the message - code executes some logic
has multiple entry points Execute is given the read/write access. Query is given the read access. Ethereum’s VM has only 1 entry point The entry point dispatches input to each functions. Operations for writing are restricted by VM on the context. Ethereum Binary fn readOnly fn readWrite Dispatch CosmWasm Json Message execute migrate… reply… fn write1 fn write2 Dispatch query fn read1 fn read2 Dispatch Instantiate…
return submsgs, callback to reply Function returns “submessages” which are command to execute another contract’s function. The result is taken in the callback named “reply”. As like calling external library In source code, calling another contract as an external library. fn foo() { let res = callee.bar() do_something… } fn bar() { do_something… return result } Ethereum caller callee fn execute(msg) { do_something… let res = query(callee, msg) return submsg } fn reply(result) { do_something… return final_result fn query(msg) { do_something… return result } fn execute(msg) { do_something… return result } CosmWasm caller callee
secure to re-entrancy attack Secure to re-entrancy attack After the first call’s changes have been committed, reply call is occurred. Valuable to re-entrancy attack Before the first call’s changes have been committed, re-entrancy call is occurred. Contract1 Contract2 call call re-entrance Contract1 Contract2 sub message reply Ethereum CosmWasm call sub message reply
VM have no interface detection function, but Ethereum community has some protocols - A protocol and contract which is like a DB of map of contracts to interfaces - Developer implement the function to record its interfaces to DB Ethereum ERC1820 - Pseudo-introspection Registry Contract CosmWasm - There are no functions or protocols for interface validation / detection Ethereum ERC165 - Standard Interface Detection - A community based protocol and an interface for contracts publish interfaces it has - Developer implements the function to answer whither the contract has the specified interface
VM supports, Able to deploy vulnerable contract (There are some supporting tools to security checks) Interface Detection " Community based ERCs ! No VM supports, informations are contracts’ self-report Develop Experience " Calling other contracts as it is an external library like common programming languages
Re-entrancy " System blocks re- entrancy attack Interface Detection ! There are no supports -> improve with dynamic link Develop Experience " Each entry point has minimum authority. Able to communicate with other modules of CosmosSDK. ! Submessages and reply is a specialized way and a little complex -> improve with dynamic link
Interaction of Smart Contract - Desirable Features for Interactions - Blocking Re-entrancy - Interface Validation/Detection - Traditional Interaction Methods - Etheream: External Call - CosmWasm: Submessages / Reply - Dynamic Link: Method Developed by LINE
Key idea: a VM is a module - Imports are converted to external APIs of VM - Exports are converted to entry points of VM - Enable to call other contracts’ function as like external library - When callee contract is called, chain system instantiate callee VM and calls its entry point caller VM Import callee.bar fn foo () { let res = callee.bar() do_something… } callee VM export bar external API entry point chain system
System Blocks the re-entrancy System blocks calling the same contract multiple times in one callstack. System supports interface validation VM can check the interfaces of a contract by checking WASM header. Developers do not need to implement interface publishing functions. VM export foo(…) export bar(…) check_export foo(…), bar(…) caller callee Block
and taking WASM’s advantages in interface validation Blocking Re-entrancy " Re-entrancy is Blocked by chain # The way is a little add-hock Interface Validation Using WASM header’s information - " Always collect and always usable - " Developers do not need to implement something Develop Experience " Simple usage like Ethereum’s external call
WASM as contracts - WASM enables explicitly interface publishing - Simple interface validation Taking advantage of WASM Join our develop - LINE/CosmWasm is an OSS - Dynamic link has still add-hock restriction to avoid re-entrancy LINE developed the dynamic link: a new contract interaction method - Expansion of CosmWasm and improving developer experience - As simple usage as Ethereum’s external call - Blocking Re-entrancy by system