Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't assume contracts are created with zero balance #61

Closed
SergioDemianLerner opened this issue Sep 19, 2016 · 5 comments
Closed

Don't assume contracts are created with zero balance #61

SergioDemianLerner opened this issue Sep 19, 2016 · 5 comments

Comments

@SergioDemianLerner
Copy link

SergioDemianLerner commented Sep 19, 2016

Contract developers may assume a newly created contract has zero balance. For example,developers may write asserts on different parts of the code that check that the contract balance equals an internal field such as expectedBalance, which is updated on every incoming/outgoing payment.

In Ethereum contract addresses can be guessed: they are built using the source address and source nonce hashed. Therefore an attacker can predict the a contract address that is to be created and send before a tiny amount of ether the that address, pre-creating an account (without any code) with the same address. The attacker has no control over it, so the account nonce will be always zero. When the contract is actually created by the authentic source, the pre-existing balance will not be destroyed: the contract will be created with a pre-existent non-zero balance. Therefore a contract cannot assume the balance is zero upon creation.

@simondlr
Copy link
Contributor

Excellent edge case @SergioDemianLerner.

Thanks for the find. We will add this.

@ethers ethers closed this as completed in 6a7b382 Nov 15, 2016
@lherbeur
Copy link

lherbeur commented May 7, 2017

@SergioDemianLerner ...Does it mean if the authentic user tries creating the contract, the already existing one is used or how does the pre-creation affect the new creation? If indeed the attacker's pre-created contract is used and has control over the "contract created" by the real user, does that mean only the attacker would then have access over the contract and it's funds, which would have been updated by the authentic user?

@ethers
Copy link
Contributor

ethers commented May 9, 2017

pre-creating an account (without any code)

@lherbeur an account (no code) is what's pre-created. This advice is even in the case where someone sends ether to an accidental address, which happens to be the address that your new contract would be deployed to.

@mathcrypto
Copy link

Can we create a contract with pre existing balance and it will not refer to the addresse which created it. Annonimize the creator

@mathcrypto
Copy link

and also, will this balance be used by the owner of the contract or it will stay blocked if it came from someone else?

brakmic added a commit to brakmic/BlockchainStore that referenced this issue Jun 25, 2017
loredanacirstea added a commit to raiden-network/raiden-token that referenced this issue Aug 2, 2017
`require(this.balance == 0);` is addressing any possibility of this happening: Consensys/smart-contract-best-practices#61
devninja309 added a commit to devninja309/smart-contract-best-practices that referenced this issue Jun 4, 2022
SepehrSameni pushed a commit to SepehrSameni/smart-contract-best-practices that referenced this issue Oct 19, 2022
darrylcharlton54 added a commit to darrylcharlton54/best-practices-smart-contract that referenced this issue Nov 8, 2022
onlinehub0808 added a commit to onlinehub0808/-smart-contract-best-practices that referenced this issue Feb 20, 2023
FPLeader added a commit to FPLeader/smart-contract-practices that referenced this issue Sep 12, 2023
GreyRabbitty added a commit to GreyRabbitty/smart-contract-practice-best that referenced this issue Sep 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants