From 1a256f2a24cdfe0998787c68c2cf01fb47ce90a1 Mon Sep 17 00:00:00 2001 From: Oleg Nikonychev Date: Sat, 28 Dec 2024 14:17:58 +0400 Subject: [PATCH] fix(evm): issue with infinite recursion in erc20 funtoken contracts (#2129) * fix(evm): issue with infinite recursion in erc20 funtoken contracts * fix(evm): issue with infinite recursion in erc20 funtoken contracts * chore: changelog update * fix: flooring 1/64 of the gas limit --- CHANGELOG.md | 1 + .../TestInfiniteRecursionERC20.json | 316 ++++++++++++++++++ .../contracts/TestInfiniteRecursionERC20.sol | 41 +++ x/evm/embeds/embeds.go | 9 + x/evm/embeds/embeds_test.go | 1 + x/evm/keeper/erc20.go | 21 +- x/evm/keeper/funtoken_from_erc20_test.go | 67 ++++ 7 files changed, 450 insertions(+), 6 deletions(-) create mode 100644 x/evm/embeds/artifacts/contracts/TestInfiniteRecursionERC20.sol/TestInfiniteRecursionERC20.json create mode 100644 x/evm/embeds/contracts/TestInfiniteRecursionERC20.sol diff --git a/CHANGELOG.md b/CHANGELOG.md index efc5f45f4..82c7e5ad5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -51,6 +51,7 @@ only on the "bankkeeper.BaseKeeper"'s gas consumption. Remove unnecessary argument in the `VerifyFee` function, which returns the token payment required based on the effective fee from the tx data. Improve documentation. +- [#2129](https://github.com/NibiruChain/nibiru/pull/2129) - fix(evm): issue with infinite recursion in erc20 funtoken contracts #### Nibiru EVM | Before Audit 2 - 2024-12-06 diff --git a/x/evm/embeds/artifacts/contracts/TestInfiniteRecursionERC20.sol/TestInfiniteRecursionERC20.json b/x/evm/embeds/artifacts/contracts/TestInfiniteRecursionERC20.sol/TestInfiniteRecursionERC20.json new file mode 100644 index 000000000..536693168 --- /dev/null +++ b/x/evm/embeds/artifacts/contracts/TestInfiniteRecursionERC20.sol/TestInfiniteRecursionERC20.json @@ -0,0 +1,316 @@ +{ + "_format": "hh-sol-artifact-1", + "contractName": "TestInfiniteRecursionERC20", + "sourceName": "contracts/TestInfiniteRecursionERC20.sol", + "abi": [ + { + "inputs": [ + { + "internalType": "string", + "name": "name", + "type": "string" + }, + { + "internalType": "string", + "name": "symbol", + "type": "string" + }, + { + "internalType": "uint8", + "name": "decimals_", + "type": "uint8" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "anonymous": false, + "inputs": [ + { + "indexed": true, + "internalType": "address", + "name": "owner", + "type": "address" + }, + { + "indexed": true, + "internalType": "address", + "name": "spender", + "type": "address" + }, + { + "indexed": false, + "internalType": "uint256", + "name": "value", + "type": "uint256" + } + ], + "name": "Approval", + "type": "event" + }, + { + "anonymous": false, + "inputs": [ + { + "indexed": true, + "internalType": "address", + "name": "from", + "type": "address" + }, + { + "indexed": true, + "internalType": "address", + "name": "to", + "type": "address" + }, + { + "indexed": false, + "internalType": "uint256", + "name": "value", + "type": "uint256" + } + ], + "name": "Transfer", + "type": "event" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "owner", + "type": "address" + }, + { + "internalType": "address", + "name": "spender", + "type": "address" + } + ], + "name": "allowance", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "spender", + "type": "address" + }, + { + "internalType": "uint256", + "name": "amount", + "type": "uint256" + } + ], + "name": "approve", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "attackBalance", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "attackTransfer", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "who", + "type": "address" + } + ], + "name": "balanceOf", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "decimals", + "outputs": [ + { + "internalType": "uint8", + "name": "", + "type": "uint8" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "spender", + "type": "address" + }, + { + "internalType": "uint256", + "name": "subtractedValue", + "type": "uint256" + } + ], + "name": "decreaseAllowance", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "spender", + "type": "address" + }, + { + "internalType": "uint256", + "name": "addedValue", + "type": "uint256" + } + ], + "name": "increaseAllowance", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "name", + "outputs": [ + { + "internalType": "string", + "name": "", + "type": "string" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "symbol", + "outputs": [ + { + "internalType": "string", + "name": "", + "type": "string" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "totalSupply", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "to", + "type": "address" + }, + { + "internalType": "uint256", + "name": "amount", + "type": "uint256" + } + ], + "name": "transfer", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "address", + "name": "from", + "type": "address" + }, + { + "internalType": "address", + "name": "to", + "type": "address" + }, + { + "internalType": "uint256", + "name": "amount", + "type": "uint256" + } + ], + "name": "transferFrom", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "nonpayable", + "type": "function" + } + ], + "bytecode": "0x60806040523480156200001157600080fd5b5060405162001df438038062001df48339818101604052810190620000379190620003cc565b828281600390816200004a9190620006b1565b5080600490816200005c9190620006b1565b5050506200007b3369d3c21bcecceda10000006200008460201b60201c565b505050620008b3565b600073ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff1603620000f6576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401620000ed90620007f9565b60405180910390fd5b6200010a60008383620001f160201b60201c565b80600260008282546200011e91906200084a565b92505081905550806000808473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020600082825401925050819055508173ffffffffffffffffffffffffffffffffffffffff16600073ffffffffffffffffffffffffffffffffffffffff167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef83604051620001d1919062000896565b60405180910390a3620001ed60008383620001f660201b60201c565b5050565b505050565b505050565b6000604051905090565b600080fd5b600080fd5b600080fd5b600080fd5b6000601f19601f8301169050919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b620002648262000219565b810181811067ffffffffffffffff821117156200028657620002856200022a565b5b80604052505050565b60006200029b620001fb565b9050620002a9828262000259565b919050565b600067ffffffffffffffff821115620002cc57620002cb6200022a565b5b620002d78262000219565b9050602081019050919050565b60005b8381101562000304578082015181840152602081019050620002e7565b60008484015250505050565b6000620003276200032184620002ae565b6200028f565b90508281526020810184848401111562000346576200034562000214565b5b62000353848285620002e4565b509392505050565b600082601f8301126200037357620003726200020f565b5b81516200038584826020860162000310565b91505092915050565b600060ff82169050919050565b620003a6816200038e565b8114620003b257600080fd5b50565b600081519050620003c6816200039b565b92915050565b600080600060608486031215620003e857620003e762000205565b5b600084015167ffffffffffffffff8111156200040957620004086200020a565b5b62000417868287016200035b565b935050602084015167ffffffffffffffff8111156200043b576200043a6200020a565b5b62000449868287016200035b565b92505060406200045c86828701620003b5565b9150509250925092565b600081519050919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052602260045260246000fd5b60006002820490506001821680620004b957607f821691505b602082108103620004cf57620004ce62000471565b5b50919050565b60008190508160005260206000209050919050565b60006020601f8301049050919050565b600082821b905092915050565b600060088302620005397fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff82620004fa565b620005458683620004fa565b95508019841693508086168417925050509392505050565b6000819050919050565b6000819050919050565b6000620005926200058c62000586846200055d565b62000567565b6200055d565b9050919050565b6000819050919050565b620005ae8362000571565b620005c6620005bd8262000599565b84845462000507565b825550505050565b600090565b620005dd620005ce565b620005ea818484620005a3565b505050565b5b81811015620006125762000606600082620005d3565b600181019050620005f0565b5050565b601f82111562000661576200062b81620004d5565b6200063684620004ea565b8101602085101562000646578190505b6200065e6200065585620004ea565b830182620005ef565b50505b505050565b600082821c905092915050565b6000620006866000198460080262000666565b1980831691505092915050565b6000620006a1838362000673565b9150826002028217905092915050565b620006bc8262000466565b67ffffffffffffffff811115620006d857620006d76200022a565b5b620006e48254620004a0565b620006f182828562000616565b600060209050601f83116001811462000729576000841562000714578287015190505b62000720858262000693565b86555062000790565b601f1984166200073986620004d5565b60005b8281101562000763578489015182556001820191506020850194506020810190506200073c565b868310156200078357848901516200077f601f89168262000673565b8355505b6001600288020188555050505b505050505050565b600082825260208201905092915050565b7f45524332303a206d696e7420746f20746865207a65726f206164647265737300600082015250565b6000620007e1601f8362000798565b9150620007ee82620007a9565b602082019050919050565b600060208201905081810360008301526200081481620007d2565b9050919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b600062000857826200055d565b915062000864836200055d565b92508282019050808211156200087f576200087e6200081b565b5b92915050565b62000890816200055d565b82525050565b6000602082019050620008ad600083018462000885565b92915050565b61153180620008c36000396000f3fe608060405234801561001057600080fd5b50600436106100cf5760003560e01c806370a082311161008c57806395d89b411161006657806395d89b4114610202578063a457c2d714610220578063a9059cbb14610250578063dd62ed3e14610280576100cf565b806370a08231146101be5780637a7ffab0146101ee5780638cd64727146101f8576100cf565b806306fdde03146100d4578063095ea7b3146100f257806318160ddd1461012257806323b872dd14610140578063313ce56714610170578063395093511461018e575b600080fd5b6100dc6102b0565b6040516100e99190610c88565b60405180910390f35b61010c60048036038101906101079190610d43565b610342565b6040516101199190610d9e565b60405180910390f35b61012a610365565b6040516101379190610dc8565b60405180910390f35b61015a60048036038101906101559190610de3565b61036f565b6040516101679190610d9e565b60405180910390f35b61017861039e565b6040516101859190610e52565b60405180910390f35b6101a860048036038101906101a39190610d43565b6103a7565b6040516101b59190610d9e565b60405180910390f35b6101d860048036038101906101d39190610e6d565b6103de565b6040516101e59190610dc8565b60405180910390f35b6101f66104e2565b005b6102006104f1565b005b61020a6104fe565b6040516102179190610c88565b60405180910390f35b61023a60048036038101906102359190610d43565b610590565b6040516102479190610d9e565b60405180910390f35b61026a60048036038101906102659190610d43565b610607565b6040516102779190610d9e565b60405180910390f35b61029a60048036038101906102959190610e9a565b610694565b6040516102a79190610dc8565b60405180910390f35b6060600380546102bf90610f09565b80601f01602080910402602001604051908101604052809291908181526020018280546102eb90610f09565b80156103385780601f1061030d57610100808354040283529160200191610338565b820191906000526020600020905b81548152906001019060200180831161031b57829003601f168201915b5050505050905090565b60008061034d61071b565b905061035a818585610723565b600191505092915050565b6000600254905090565b60008061037a61071b565b90506103878582856108ec565b610392858585610978565b60019150509392505050565b60006012905090565b6000806103b261071b565b90506103d38185856103c48589610694565b6103ce9190610f69565b610723565b600191505092915050565b600061080073ffffffffffffffffffffffffffffffffffffffff16823060405160240161040c929190610fac565b6040516020818303038152906040527fb203bb99000000000000000000000000000000000000000000000000000000007bffffffffffffffffffffffffffffffffffffffffffffffffffffffff19166020820180517bffffffffffffffffffffffffffffffffffffffffffffffffffffffff8381831617835250505050604051610496919061101c565b600060405180830381855afa9150503d80600081146104d1576040519150601f19603f3d011682016040523d82523d6000602084013e6104d6565b606091505b50505060009050919050565b6104ee60006001610607565b50565b6104fb60006103de565b50565b60606004805461050d90610f09565b80601f016020809104026020016040519081016040528092919081815260200182805461053990610f09565b80156105865780601f1061055b57610100808354040283529160200191610586565b820191906000526020600020905b81548152906001019060200180831161056957829003601f168201915b5050505050905090565b60008061059b61071b565b905060006105a98286610694565b9050838110156105ee576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016105e5906110a5565b60405180910390fd5b6105fb8286868403610723565b60019250505092915050565b600061080073ffffffffffffffffffffffffffffffffffffffff1663e77a47bf30846040518363ffffffff1660e01b8152600401610646929190611137565b6020604051808303816000875af1158015610665573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906106899190611188565b506001905092915050565b6000600160008473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002054905092915050565b600033905090565b600073ffffffffffffffffffffffffffffffffffffffff168373ffffffffffffffffffffffffffffffffffffffff1603610792576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161078990611227565b60405180910390fd5b600073ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff1603610801576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016107f8906112b9565b60405180910390fd5b80600160008573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020819055508173ffffffffffffffffffffffffffffffffffffffff168373ffffffffffffffffffffffffffffffffffffffff167f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925836040516108df9190610dc8565b60405180910390a3505050565b60006108f88484610694565b90507fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff81146109725781811015610964576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161095b90611325565b60405180910390fd5b6109718484848403610723565b5b50505050565b600073ffffffffffffffffffffffffffffffffffffffff168373ffffffffffffffffffffffffffffffffffffffff16036109e7576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016109de906113b7565b60405180910390fd5b600073ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff1603610a56576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610a4d90611449565b60405180910390fd5b610a61838383610bee565b60008060008573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002054905081811015610ae7576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610ade906114db565b60405180910390fd5b8181036000808673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002081905550816000808573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020600082825401925050819055508273ffffffffffffffffffffffffffffffffffffffff168473ffffffffffffffffffffffffffffffffffffffff167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef84604051610bd59190610dc8565b60405180910390a3610be8848484610bf3565b50505050565b505050565b505050565b600081519050919050565b600082825260208201905092915050565b60005b83811015610c32578082015181840152602081019050610c17565b60008484015250505050565b6000601f19601f8301169050919050565b6000610c5a82610bf8565b610c648185610c03565b9350610c74818560208601610c14565b610c7d81610c3e565b840191505092915050565b60006020820190508181036000830152610ca28184610c4f565b905092915050565b600080fd5b600073ffffffffffffffffffffffffffffffffffffffff82169050919050565b6000610cda82610caf565b9050919050565b610cea81610ccf565b8114610cf557600080fd5b50565b600081359050610d0781610ce1565b92915050565b6000819050919050565b610d2081610d0d565b8114610d2b57600080fd5b50565b600081359050610d3d81610d17565b92915050565b60008060408385031215610d5a57610d59610caa565b5b6000610d6885828601610cf8565b9250506020610d7985828601610d2e565b9150509250929050565b60008115159050919050565b610d9881610d83565b82525050565b6000602082019050610db36000830184610d8f565b92915050565b610dc281610d0d565b82525050565b6000602082019050610ddd6000830184610db9565b92915050565b600080600060608486031215610dfc57610dfb610caa565b5b6000610e0a86828701610cf8565b9350506020610e1b86828701610cf8565b9250506040610e2c86828701610d2e565b9150509250925092565b600060ff82169050919050565b610e4c81610e36565b82525050565b6000602082019050610e676000830184610e43565b92915050565b600060208284031215610e8357610e82610caa565b5b6000610e9184828501610cf8565b91505092915050565b60008060408385031215610eb157610eb0610caa565b5b6000610ebf85828601610cf8565b9250506020610ed085828601610cf8565b9150509250929050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052602260045260246000fd5b60006002820490506001821680610f2157607f821691505b602082108103610f3457610f33610eda565b5b50919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b6000610f7482610d0d565b9150610f7f83610d0d565b9250828201905080821115610f9757610f96610f3a565b5b92915050565b610fa681610ccf565b82525050565b6000604082019050610fc16000830185610f9d565b610fce6020830184610f9d565b9392505050565b600081519050919050565b600081905092915050565b6000610ff682610fd5565b6110008185610fe0565b9350611010818560208601610c14565b80840191505092915050565b60006110288284610feb565b915081905092915050565b7f45524332303a2064656372656173656420616c6c6f77616e63652062656c6f7760008201527f207a65726f000000000000000000000000000000000000000000000000000000602082015250565b600061108f602583610c03565b915061109a82611033565b604082019050919050565b600060208201905081810360008301526110be81611082565b9050919050565b7f6e696269317a616176767a78657a30656c756e64746e3332716e6b396c6b6d3860008201527f6b6d63737a34346737786c000000000000000000000000000000000000000000602082015250565b6000611121602b83610c03565b915061112c826110c5565b604082019050919050565b600060608201905061114c6000830185610f9d565b6111596020830184610db9565b818103604083015261116a81611114565b90509392505050565b60008151905061118281610d17565b92915050565b60006020828403121561119e5761119d610caa565b5b60006111ac84828501611173565b91505092915050565b7f45524332303a20617070726f76652066726f6d20746865207a65726f2061646460008201527f7265737300000000000000000000000000000000000000000000000000000000602082015250565b6000611211602483610c03565b915061121c826111b5565b604082019050919050565b6000602082019050818103600083015261124081611204565b9050919050565b7f45524332303a20617070726f766520746f20746865207a65726f20616464726560008201527f7373000000000000000000000000000000000000000000000000000000000000602082015250565b60006112a3602283610c03565b91506112ae82611247565b604082019050919050565b600060208201905081810360008301526112d281611296565b9050919050565b7f45524332303a20696e73756666696369656e7420616c6c6f77616e6365000000600082015250565b600061130f601d83610c03565b915061131a826112d9565b602082019050919050565b6000602082019050818103600083015261133e81611302565b9050919050565b7f45524332303a207472616e736665722066726f6d20746865207a65726f20616460008201527f6472657373000000000000000000000000000000000000000000000000000000602082015250565b60006113a1602583610c03565b91506113ac82611345565b604082019050919050565b600060208201905081810360008301526113d081611394565b9050919050565b7f45524332303a207472616e7366657220746f20746865207a65726f206164647260008201527f6573730000000000000000000000000000000000000000000000000000000000602082015250565b6000611433602383610c03565b915061143e826113d7565b604082019050919050565b6000602082019050818103600083015261146281611426565b9050919050565b7f45524332303a207472616e7366657220616d6f756e742065786365656473206260008201527f616c616e63650000000000000000000000000000000000000000000000000000602082015250565b60006114c5602683610c03565b91506114d082611469565b604082019050919050565b600060208201905081810360008301526114f4816114b8565b905091905056fea264697066735822122096c68f812e5de57f5cf1d71e46f7d6a21c025911ca1f9c5f849f3bb63235d4e764736f6c63430008180033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100cf5760003560e01c806370a082311161008c57806395d89b411161006657806395d89b4114610202578063a457c2d714610220578063a9059cbb14610250578063dd62ed3e14610280576100cf565b806370a08231146101be5780637a7ffab0146101ee5780638cd64727146101f8576100cf565b806306fdde03146100d4578063095ea7b3146100f257806318160ddd1461012257806323b872dd14610140578063313ce56714610170578063395093511461018e575b600080fd5b6100dc6102b0565b6040516100e99190610c88565b60405180910390f35b61010c60048036038101906101079190610d43565b610342565b6040516101199190610d9e565b60405180910390f35b61012a610365565b6040516101379190610dc8565b60405180910390f35b61015a60048036038101906101559190610de3565b61036f565b6040516101679190610d9e565b60405180910390f35b61017861039e565b6040516101859190610e52565b60405180910390f35b6101a860048036038101906101a39190610d43565b6103a7565b6040516101b59190610d9e565b60405180910390f35b6101d860048036038101906101d39190610e6d565b6103de565b6040516101e59190610dc8565b60405180910390f35b6101f66104e2565b005b6102006104f1565b005b61020a6104fe565b6040516102179190610c88565b60405180910390f35b61023a60048036038101906102359190610d43565b610590565b6040516102479190610d9e565b60405180910390f35b61026a60048036038101906102659190610d43565b610607565b6040516102779190610d9e565b60405180910390f35b61029a60048036038101906102959190610e9a565b610694565b6040516102a79190610dc8565b60405180910390f35b6060600380546102bf90610f09565b80601f01602080910402602001604051908101604052809291908181526020018280546102eb90610f09565b80156103385780601f1061030d57610100808354040283529160200191610338565b820191906000526020600020905b81548152906001019060200180831161031b57829003601f168201915b5050505050905090565b60008061034d61071b565b905061035a818585610723565b600191505092915050565b6000600254905090565b60008061037a61071b565b90506103878582856108ec565b610392858585610978565b60019150509392505050565b60006012905090565b6000806103b261071b565b90506103d38185856103c48589610694565b6103ce9190610f69565b610723565b600191505092915050565b600061080073ffffffffffffffffffffffffffffffffffffffff16823060405160240161040c929190610fac565b6040516020818303038152906040527fb203bb99000000000000000000000000000000000000000000000000000000007bffffffffffffffffffffffffffffffffffffffffffffffffffffffff19166020820180517bffffffffffffffffffffffffffffffffffffffffffffffffffffffff8381831617835250505050604051610496919061101c565b600060405180830381855afa9150503d80600081146104d1576040519150601f19603f3d011682016040523d82523d6000602084013e6104d6565b606091505b50505060009050919050565b6104ee60006001610607565b50565b6104fb60006103de565b50565b60606004805461050d90610f09565b80601f016020809104026020016040519081016040528092919081815260200182805461053990610f09565b80156105865780601f1061055b57610100808354040283529160200191610586565b820191906000526020600020905b81548152906001019060200180831161056957829003601f168201915b5050505050905090565b60008061059b61071b565b905060006105a98286610694565b9050838110156105ee576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016105e5906110a5565b60405180910390fd5b6105fb8286868403610723565b60019250505092915050565b600061080073ffffffffffffffffffffffffffffffffffffffff1663e77a47bf30846040518363ffffffff1660e01b8152600401610646929190611137565b6020604051808303816000875af1158015610665573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906106899190611188565b506001905092915050565b6000600160008473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002054905092915050565b600033905090565b600073ffffffffffffffffffffffffffffffffffffffff168373ffffffffffffffffffffffffffffffffffffffff1603610792576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161078990611227565b60405180910390fd5b600073ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff1603610801576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016107f8906112b9565b60405180910390fd5b80600160008573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020819055508173ffffffffffffffffffffffffffffffffffffffff168373ffffffffffffffffffffffffffffffffffffffff167f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925836040516108df9190610dc8565b60405180910390a3505050565b60006108f88484610694565b90507fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff81146109725781811015610964576040517f08c379a000000000000000000000000000000000000000000000000000000000815260040161095b90611325565b60405180910390fd5b6109718484848403610723565b5b50505050565b600073ffffffffffffffffffffffffffffffffffffffff168373ffffffffffffffffffffffffffffffffffffffff16036109e7576040517f08c379a00000000000000000000000000000000000000000000000000000000081526004016109de906113b7565b60405180910390fd5b600073ffffffffffffffffffffffffffffffffffffffff168273ffffffffffffffffffffffffffffffffffffffff1603610a56576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610a4d90611449565b60405180910390fd5b610a61838383610bee565b60008060008573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002054905081811015610ae7576040517f08c379a0000000000000000000000000000000000000000000000000000000008152600401610ade906114db565b60405180910390fd5b8181036000808673ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002081905550816000808573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001908152602001600020600082825401925050819055508273ffffffffffffffffffffffffffffffffffffffff168473ffffffffffffffffffffffffffffffffffffffff167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef84604051610bd59190610dc8565b60405180910390a3610be8848484610bf3565b50505050565b505050565b505050565b600081519050919050565b600082825260208201905092915050565b60005b83811015610c32578082015181840152602081019050610c17565b60008484015250505050565b6000601f19601f8301169050919050565b6000610c5a82610bf8565b610c648185610c03565b9350610c74818560208601610c14565b610c7d81610c3e565b840191505092915050565b60006020820190508181036000830152610ca28184610c4f565b905092915050565b600080fd5b600073ffffffffffffffffffffffffffffffffffffffff82169050919050565b6000610cda82610caf565b9050919050565b610cea81610ccf565b8114610cf557600080fd5b50565b600081359050610d0781610ce1565b92915050565b6000819050919050565b610d2081610d0d565b8114610d2b57600080fd5b50565b600081359050610d3d81610d17565b92915050565b60008060408385031215610d5a57610d59610caa565b5b6000610d6885828601610cf8565b9250506020610d7985828601610d2e565b9150509250929050565b60008115159050919050565b610d9881610d83565b82525050565b6000602082019050610db36000830184610d8f565b92915050565b610dc281610d0d565b82525050565b6000602082019050610ddd6000830184610db9565b92915050565b600080600060608486031215610dfc57610dfb610caa565b5b6000610e0a86828701610cf8565b9350506020610e1b86828701610cf8565b9250506040610e2c86828701610d2e565b9150509250925092565b600060ff82169050919050565b610e4c81610e36565b82525050565b6000602082019050610e676000830184610e43565b92915050565b600060208284031215610e8357610e82610caa565b5b6000610e9184828501610cf8565b91505092915050565b60008060408385031215610eb157610eb0610caa565b5b6000610ebf85828601610cf8565b9250506020610ed085828601610cf8565b9150509250929050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052602260045260246000fd5b60006002820490506001821680610f2157607f821691505b602082108103610f3457610f33610eda565b5b50919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b6000610f7482610d0d565b9150610f7f83610d0d565b9250828201905080821115610f9757610f96610f3a565b5b92915050565b610fa681610ccf565b82525050565b6000604082019050610fc16000830185610f9d565b610fce6020830184610f9d565b9392505050565b600081519050919050565b600081905092915050565b6000610ff682610fd5565b6110008185610fe0565b9350611010818560208601610c14565b80840191505092915050565b60006110288284610feb565b915081905092915050565b7f45524332303a2064656372656173656420616c6c6f77616e63652062656c6f7760008201527f207a65726f000000000000000000000000000000000000000000000000000000602082015250565b600061108f602583610c03565b915061109a82611033565b604082019050919050565b600060208201905081810360008301526110be81611082565b9050919050565b7f6e696269317a616176767a78657a30656c756e64746e3332716e6b396c6b6d3860008201527f6b6d63737a34346737786c000000000000000000000000000000000000000000602082015250565b6000611121602b83610c03565b915061112c826110c5565b604082019050919050565b600060608201905061114c6000830185610f9d565b6111596020830184610db9565b818103604083015261116a81611114565b90509392505050565b60008151905061118281610d17565b92915050565b60006020828403121561119e5761119d610caa565b5b60006111ac84828501611173565b91505092915050565b7f45524332303a20617070726f76652066726f6d20746865207a65726f2061646460008201527f7265737300000000000000000000000000000000000000000000000000000000602082015250565b6000611211602483610c03565b915061121c826111b5565b604082019050919050565b6000602082019050818103600083015261124081611204565b9050919050565b7f45524332303a20617070726f766520746f20746865207a65726f20616464726560008201527f7373000000000000000000000000000000000000000000000000000000000000602082015250565b60006112a3602283610c03565b91506112ae82611247565b604082019050919050565b600060208201905081810360008301526112d281611296565b9050919050565b7f45524332303a20696e73756666696369656e7420616c6c6f77616e6365000000600082015250565b600061130f601d83610c03565b915061131a826112d9565b602082019050919050565b6000602082019050818103600083015261133e81611302565b9050919050565b7f45524332303a207472616e736665722066726f6d20746865207a65726f20616460008201527f6472657373000000000000000000000000000000000000000000000000000000602082015250565b60006113a1602583610c03565b91506113ac82611345565b604082019050919050565b600060208201905081810360008301526113d081611394565b9050919050565b7f45524332303a207472616e7366657220746f20746865207a65726f206164647260008201527f6573730000000000000000000000000000000000000000000000000000000000602082015250565b6000611433602383610c03565b915061143e826113d7565b604082019050919050565b6000602082019050818103600083015261146281611426565b9050919050565b7f45524332303a207472616e7366657220616d6f756e742065786365656473206260008201527f616c616e63650000000000000000000000000000000000000000000000000000602082015250565b60006114c5602683610c03565b91506114d082611469565b604082019050919050565b600060208201905081810360008301526114f4816114b8565b905091905056fea264697066735822122096c68f812e5de57f5cf1d71e46f7d6a21c025911ca1f9c5f849f3bb63235d4e764736f6c63430008180033", + "linkReferences": {}, + "deployedLinkReferences": {} +} diff --git a/x/evm/embeds/contracts/TestInfiniteRecursionERC20.sol b/x/evm/embeds/contracts/TestInfiniteRecursionERC20.sol new file mode 100644 index 000000000..0917f74db --- /dev/null +++ b/x/evm/embeds/contracts/TestInfiniteRecursionERC20.sol @@ -0,0 +1,41 @@ +// SPDX-License-Identifier: MIT +pragma solidity ^0.8.0; + +import "./IFunToken.sol"; +import "@openzeppelin/contracts/token/ERC20/ERC20.sol"; + +contract TestInfiniteRecursionERC20 is ERC20 { + constructor(string memory name, string memory symbol, uint8 decimals_) + ERC20(name, symbol) { + _mint(msg.sender, 1000000 * 10**18); + } + + function balanceOf(address who) public view virtual override returns (uint256) { + // recurse through funtoken.balance(who, address(this)) + address(FUNTOKEN_PRECOMPILE_ADDRESS).staticcall( + abi.encodeWithSignature( + "balance(address,address)", + who, + address(this)) + ); + return 0; + } + + function transfer(address to, uint256 amount) public override returns (bool) { + // recurse through funtoken sendToBank + FUNTOKEN_PRECOMPILE.sendToBank( + address(this), + amount, + "nibi1zaavvzxez0elundtn32qnk9lkm8kmcsz44g7xl" // does not matter, it's not reached + ); + return true; + } + + function attackBalance() public { + balanceOf(address(0)); + } + + function attackTransfer() public { + transfer(address(0), 1); + } +} diff --git a/x/evm/embeds/embeds.go b/x/evm/embeds/embeds.go index b3676de17..448d7d2fd 100644 --- a/x/evm/embeds/embeds.go +++ b/x/evm/embeds/embeds.go @@ -37,6 +37,8 @@ var ( testNativeSendThenPrecompileSendJson []byte //go:embed artifacts/contracts/TestPrecompileSelfCallRevert.sol/TestPrecompileSelfCallRevert.json testPrecompileSelfCallRevertJson []byte + //go:embed artifacts/contracts/TestInfiniteRecursionERC20.sol/TestInfiniteRecursionERC20.json + testInfiniteRecursionERC20Json []byte ) var ( @@ -118,6 +120,12 @@ var ( Name: "TestPrecompileSelfCallRevert.sol", EmbedJSON: testPrecompileSelfCallRevertJson, } + // SmartContract_TestInfiniteRecursionERC20 is a test contract + // which simulates malicious ERC20 behavior by adding infinite recursion in transfer() and balanceOf() functions + SmartContract_TestInfiniteRecursionERC20 = CompiledEvmContract{ + Name: "TestInfiniteRecursionERC20.sol", + EmbedJSON: testInfiniteRecursionERC20Json, + } ) func init() { @@ -132,6 +140,7 @@ func init() { SmartContract_TestNativeSendThenPrecompileSendJson.MustLoad() SmartContract_TestERC20TransferThenPrecompileSend.MustLoad() SmartContract_TestPrecompileSelfCallRevert.MustLoad() + SmartContract_TestInfiniteRecursionERC20.MustLoad() } type CompiledEvmContract struct { diff --git a/x/evm/embeds/embeds_test.go b/x/evm/embeds/embeds_test.go index 91a5bf830..fab0a6457 100644 --- a/x/evm/embeds/embeds_test.go +++ b/x/evm/embeds/embeds_test.go @@ -19,5 +19,6 @@ func TestLoadContracts(t *testing.T) { embeds.SmartContract_TestFunTokenPrecompileLocalGas.MustLoad() embeds.SmartContract_TestNativeSendThenPrecompileSendJson.MustLoad() embeds.SmartContract_TestERC20TransferThenPrecompileSend.MustLoad() + embeds.SmartContract_TestInfiniteRecursionERC20.MustLoad() }) } diff --git a/x/evm/keeper/erc20.go b/x/evm/keeper/erc20.go index ed32a5788..ef8140f92 100644 --- a/x/evm/keeper/erc20.go +++ b/x/evm/keeper/erc20.go @@ -3,6 +3,7 @@ package keeper import ( "fmt" + "math" "math/big" "cosmossdk.io/errors" @@ -26,6 +27,14 @@ const ( Erc20GasLimitExecute uint64 = 200_000 ) +// getCallGas returns the gas limit for a call to an ERC20 contract following 63/64 rule (EIP-150) +// protection against recursive calls ERC20 -> precompile -> ERC20. +func getCallGasWithLimit(ctx sdk.Context, gasLimit uint64) uint64 { + availableGas := ctx.GasMeter().GasRemaining() + callGas := availableGas - uint64(math.Floor(float64(availableGas)/64)) + return min(callGas, gasLimit) +} + // ERC20 returns a mutable reference to the keeper with an ERC20 contract ABI and // Go functions corresponding to contract calls in the ERC20 standard like "mint" // and "transfer" in the ERC20 standard. @@ -60,7 +69,7 @@ func (e erc20Calls) Mint( contract, from, to gethcommon.Address, amount *big.Int, ctx sdk.Context, ) (evmResp *evm.MsgEthereumTxResponse, err error) { - return e.CallContract(ctx, e.ABI, from, &contract, true, Erc20GasLimitExecute, "mint", to, amount) + return e.CallContract(ctx, e.ABI, from, &contract, true, getCallGasWithLimit(ctx, Erc20GasLimitExecute), "mint", to, amount) } /* @@ -82,7 +91,7 @@ func (e erc20Calls) Transfer( return balanceIncrease, nil, errors.Wrap(err, "failed to retrieve recipient balance") } - resp, err = e.CallContract(ctx, e.ABI, from, &contract, true, Erc20GasLimitExecute, "transfer", to, amount) + resp, err = e.CallContract(ctx, e.ABI, from, &contract, true, getCallGasWithLimit(ctx, Erc20GasLimitExecute), "transfer", to, amount) if err != nil { return balanceIncrease, nil, err } @@ -141,7 +150,7 @@ func (e erc20Calls) Burn( contract, from gethcommon.Address, amount *big.Int, ctx sdk.Context, ) (evmResp *evm.MsgEthereumTxResponse, err error) { - return e.CallContract(ctx, e.ABI, from, &contract, true, Erc20GasLimitExecute, "burn", amount) + return e.CallContract(ctx, e.ABI, from, &contract, true, getCallGasWithLimit(ctx, Erc20GasLimitExecute), "burn", amount) } func (k Keeper) LoadERC20Name( @@ -174,7 +183,7 @@ func (k Keeper) LoadERC20String( evm.EVM_MODULE_ADDRESS, &erc20Contract, false, - Erc20GasLimitQuery, + getCallGasWithLimit(ctx, Erc20GasLimitQuery), methodName, ) if err != nil { @@ -202,7 +211,7 @@ func (k Keeper) loadERC20Uint8( evm.EVM_MODULE_ADDRESS, &erc20Contract, false, - Erc20GasLimitQuery, + getCallGasWithLimit(ctx, Erc20GasLimitQuery), methodName, ) if err != nil { @@ -232,7 +241,7 @@ func (k Keeper) LoadERC20BigInt( evm.EVM_MODULE_ADDRESS, &contract, false, - Erc20GasLimitQuery, + getCallGasWithLimit(ctx, Erc20GasLimitQuery), methodName, args..., ) diff --git a/x/evm/keeper/funtoken_from_erc20_test.go b/x/evm/keeper/funtoken_from_erc20_test.go index 94c7b6960..f05fa2fd4 100644 --- a/x/evm/keeper/funtoken_from_erc20_test.go +++ b/x/evm/keeper/funtoken_from_erc20_test.go @@ -385,6 +385,73 @@ func (s *FunTokenFromErc20Suite) TestFunTokenFromERC20MaliciousTransfer() { s.Require().ErrorContains(err, "gas required exceeds allowance") } +// TestFunTokenInfiniteRecursionERC20 creates a funtoken from a contract +// with a malicious recursive balanceOf() and transfer() functions. +func (s *FunTokenFromErc20Suite) TestFunTokenInfiniteRecursionERC20() { + deps := evmtest.NewTestDeps() + + s.T().Log("Deploy InfiniteRecursionERC20") + metadata := keeper.ERC20Metadata{ + Name: "erc20name", + Symbol: "TOKEN", + Decimals: 18, + } + deployResp, err := evmtest.DeployContract( + &deps, embeds.SmartContract_TestInfiniteRecursionERC20, + metadata.Name, metadata.Symbol, metadata.Decimals, + ) + s.Require().NoError(err) + + erc20Addr := eth.EIP55Addr{ + Address: deployResp.ContractAddr, + } + + s.T().Log("happy: CreateFunToken for ERC20 with infinite recursion") + s.Require().NoError(testapp.FundAccount( + deps.App.BankKeeper, + deps.Ctx, + deps.Sender.NibiruAddr, + deps.EvmKeeper.FeeForCreateFunToken(deps.Ctx), + )) + + _, err = deps.EvmKeeper.CreateFunToken( + sdk.WrapSDKContext(deps.Ctx), + &evm.MsgCreateFunToken{ + FromErc20: &erc20Addr, + Sender: deps.Sender.NibiruAddr.String(), + }, + ) + s.Require().NoError(err) + + deps.ResetGasMeter() + + s.T().Log("happy: call attackBalance()") + res, err := deps.EvmKeeper.CallContract( + deps.Ctx, + embeds.SmartContract_TestInfiniteRecursionERC20.ABI, + deps.Sender.EthAddr, + &erc20Addr.Address, + false, + 10_000_000, + "attackBalance", + ) + s.Require().NoError(err) + s.Require().NotNil(res) + s.Require().Empty(res.VmError) + + s.T().Log("sad: call attackBalance()") + _, err = deps.EvmKeeper.CallContract( + deps.Ctx, + embeds.SmartContract_TestInfiniteRecursionERC20.ABI, + deps.Sender.EthAddr, + &erc20Addr.Address, + true, + 10_000_000, + "attackTransfer", + ) + s.Require().ErrorContains(err, "execution reverted") +} + type FunTokenFromErc20Suite struct { suite.Suite }