Arithmetic Issues in Solidity Smart Contracts

Introduction

Arithmetic issues, specifically integer overflow and underflow, are common vulnerabilities in Solidity smart contracts.

These issues occur when unsigned integers exceed their maximum value or go below their minimum value, wrapping around and causing unexpected behavior. This article will explore the attack vectors related to arithmetic issues in Solidity.

Vulnerability Points

1. Unchecked Withdrawal Function

Code Example:

solidityCopy code
function withdraw(uint _amount) {
    require(balances[msg.sender] - _amount > 0);
    msg.sender.transfer(_amount);
    balances[msg.sender] -= _amount;
}

Attack Vector:

The function does not properly check for integer underflow. An attacker can attempt to withdraw more than their balance, causing the balance to underflow and become a large positive number, effectively stealing funds from the contract.

2. Off-by-One Error in Array Manipulation

Code Example:

solidityCopy code
function popArrayOfThings() {
    require(arrayOfThings.length >= 0);
    arrayOfThings.length--;
}

Attack Vector:

The function does not account for the possibility of underflow when decrementing the array length. An attacker could exploit this to corrupt the state of the contract.

3. Unsigned Integer Arithmetic in Voting

Code Example:

solidityCopy code
function votes(uint postId, uint upvote, uint downvotes) {
    if (upvote - downvote < 0) {
        deletePost(postId);
    }
}

Attack Vector:

The function does not check for underflow in the subtraction operation. An attacker could manipulate the vote counts to trigger unintended post deletions.

4. Loop with Inadequate Data Type

Code Example:

solidityCopy code
for (var i = 0; i < somethingLarge; i++) {
    // ...
}

Attack Vector:

The loop uses the var keyword, which may resolve to a smaller data type like uint8. If somethingLarge exceeds 255, the loop will never complete, causing a denial of service.

Real-World Impact

• The DAO
• BatchOverflow and ProxyOverflow attacks affected multiple tokens.

Attack Scenarios

1. Balance Draining: An attacker exploits the unchecked withdrawal function to drain the contract’s funds.
2. State Corruption: An attacker exploits the off-by-one error to corrupt the contract’s state, potentially leading to further vulnerabilities.
3. Data Manipulation: An attacker exploits the unsigned integer arithmetic in voting to delete posts maliciously.
4. Denial of Service: An attacker exploits the loop with an inadequate data type to exhaust the contract’s gas, making it non-functional.

Mitigation Strategies

1. Use OpenZeppelin’s SafeMath library for arithmetic operations.
2. Always check for overflows and underflows using control statements.
3. Update to Solidity version 0.8.0 or higher, which automatically reverts on integer overflow and underflow.

Conclusion

Arithmetic issues like integer overflow and underflow are critical vulnerabilities in Solidity smart contracts. They can lead to a variety of attacks, including fund theft, state corruption, and denial of service.

Developers should be vigilant in checking for these issues and use available tools and libraries to mitigate the risks.