SolidityScan

Smart-contract scanning tool built to discover vulnerabilities, mitigate risks in your code, and…


Integer Overflow and Underflow in Smart Contracts


What is an Integer Overflow/Underflow?

The Ethereum Virtual Machine (EVM) defines fixed-size data types for integers, so the range of numbers that an integer variable can represent is finite.
For instance, a “uint8” (an unsigned, i.e., non-negative, 8-bit integer) can only store integers that fall between 0 and 255. Trying to store any value greater than 255 in a “uint8” leads to an overflow. Similarly, subtracting “1” from “0” produces 255. This is called underflow.
When the result of an arithmetic operation exceeds a type’s maximum value or falls below its minimum value, an overflow or underflow occurs.
For signed integers, the outcome is a bit different. If we subtract “1” from an int8 whose value is -128, we get 127. This is because signed integer types, which can represent negative values, wrap around to the largest positive value once we go past the most negative value.
Two straightforward examples of this behavior are periodic mathematical functions (adding 2π to the argument of sin leaves the value intact) and odometers in automobiles, which track distance traveled (they reset to 000000 after the maximum number, i.e., 999999, is exceeded).

How the PoWH Coin Ponzi Scheme Lost $800k Overnight: Case Study:

Proof of Weak Hands Coin (PoWHC) was a purposefully made Ponzi scheme created by an internet collective on 4chan. It went viral very quickly. Unfortunately, the contract was vulnerable to an integer underflow resulting in an exploit that allowed a malicious hacker to steal 866 Ethers.

The PoWH’s ERC-20 implementation had an “approve” function that enabled a user to “authorize” another user to transfer tokens on their behalf. This function was affected by an unsigned integer underflow.

The exploit could be initiated by an attacker approving tokens from a first account for a second account. When those tokens were then transferred, however, it was the balance of the second account that was reduced by the coins sold from the first account. Because of the (unsigned) integer underflow, the second account would end up with the maximum possible balance of PoWH Coins.

The transferFrom() function just makes sure the caller is authorized to spend someone else’s coins. It then calls the transferTokens() function.

The transferTokens() function calls sell(_value), passing the amount in the _value parameter. The sell function is shown below:

The transferTokens() function also takes an address _from that tells the function whose account to deduct the tokens from, but this parameter is not passed on to the sell() function. The sell() function assumes that “msg.sender” is the seller. Since sell() was invoked by transferTokens(), it is possible for “msg.sender” to lose coins that it did not own. If an empty second account is used to make this transfer, and only one PoWHCoin is sent, the second account’s balance will underflow to 2²⁵⁶-1.

Preventive Techniques for Integer Overflow/Underflow in Solidity:

The following are the preventive techniques for integer overflow/underflow in Solidity:

Making Use of the latest Safe Math Libraries:
For the Ethereum community, OpenZeppelin has done a fantastic job creating and auditing secure libraries. Its SafeMath library, in particular, can be used to prevent under/overflow vulnerabilities.
It provides functions like add(), sub(), mul(), etc., that carry out basic arithmetic operations and automatically revert if an overflow or underflow occurs.

Utilizing Arithmetic Checks:
Prior to Solidity 0.8.0, when an underflow or overflow occurred, arithmetic operations would always wrap, which led to the widespread adoption of libraries that add extra checks.
Since Solidity 0.8.0, all arithmetic operations revert on overflow and underflow by default, negating the need for these libraries. You can use an unchecked arithmetic block to get the former behavior.
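
As an added example (not the PoWH Coin source and not SolidityScan's code), the simplified contract below reproduces the debit-the-wrong-account pattern from the case study inside an `unchecked` block, next to a corrected version that relies on the default checked arithmetic. The contract name `TokenLedger`, both function names and the starting balance are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: hypothetical names, simplified logic, not the PoWH Coin code.
contract TokenLedger {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    constructor() {
        balanceOf[msg.sender] = 100; // constructed starting balance
    }

    function approve(address spender, uint256 value) external {
        allowance[msg.sender][spender] = value;
    }

    // Flawed pattern: the allowance is checked against `from`, but the debit
    // is applied to msg.sender. The `unchecked` block reproduces pre-0.8.0
    // wrapping, so a caller holding 0 tokens ends up with 2**256 - value.
    function transferFromWrapping(address from, uint256 value) external {
        require(allowance[from][msg.sender] >= value, "not approved");
        allowance[from][msg.sender] -= value;
        unchecked {
            balanceOf[msg.sender] -= value;
        }
    }

    // Corrected pattern: debit the account that granted the allowance and
    // keep the arithmetic checked, so an underflow reverts with Panic(0x11).
    function transferFromChecked(address from, address to, uint256 value) external {
        require(allowance[from][msg.sender] >= value, "not approved");
        allowance[from][msg.sender] -= value;
        balanceOf[from] -= value;
        balanceOf[to] += value;
    }
}
```

Even with checked arithmetic, debiting `msg.sender` instead of `from` would still be a logic error; the compiler check only turns the silent wrap into a revert.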

Conclusion:
Understanding signed and unsigned numbers, integer overflow/underflow attacks, and how computers represent numbers are all essential to comprehending the full extent of overflow and underflow issues.

As demonstrated by real-world examples and attacks, a seemingly straightforward issue can create opportunities for exploitation and contribute to the loss of millions of dollars in cryptocurrencies.

You can rely on SolidityScan to ensure that the proper steps are taken to achieve the highest level of smart contract security. Sign up for a free trial: https://solidityscan.com/signup
