Heiswap Dapp #321
Heiswap (黑 swap) is an Ethereum transaction mixer that utilizes parts of CryptoNote to enable zero-knowledge transactions.
It utilizes Ring Signatures and pseudo-stealth addresses to achieve its zero-knowledge properties. The deployed smart contract handles the signature verification, while the client is responsible for generating the pseudo-stealth address.
Ring signatures were only possible on the EVM (gas-wise) due to the recent addition of EIP198.
Heiswap Dapp Security Audit Report
2. In scope
In total, 5 issues were reported including:
3.1. Anyone can close a ring
Confidentiality relies on there being no link between the (at most) 5 deposits into a ring and the 5 withdrawals from it. However, the contract allows a ring to be closed prematurely, even when it has fewer than 5 participants. An attacker who wants to expose an address can deliberately enter each ring together with the observed address and close the ring with only two participants, which lets him identify the withdrawing address.
To get a ring with only two participants, the attacker tracks the observed address's deposit transaction and, as soon as it appears in the mempool, front-runs it by closing the current ring. The observed address's deposit then opens a new ring, which the attacker joins and closes with 2 participants.
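The front-running scenario above, as an added example that is not part of the report or of Heiswap's contract code: a Python model of the ring-closing rule. `close_ring_vulnerable` lets any caller close a ring at any size, as the report describes; `close_ring_fixed` is an assumed remedy (not taken from the contract) that refuses to close until the ring is full. The ring size of 5 comes from the report; the address names, the two-attacker setup and all function names are illustrative assumptions.

```python
# Added example (not Heiswap's code): a minimal model of the ring-closing
# rule described in issue 3.1. Names and the fixed rule are assumptions.
RING_SIZE = 5  # maximum participants per ring, as stated in the report


class Ring:
    """One mixing ring: a list of depositors; once closed, no new joiners."""

    def __init__(self):
        self.participants = []
        self.closed = False

    def deposit(self, addr):
        if self.closed:
            raise ValueError("ring is closed")
        self.participants.append(addr)
        if len(self.participants) == RING_SIZE:
            self.closed = True  # a full ring closes on its own


def close_ring_vulnerable(ring, caller):
    # As reported: anyone may close a non-empty ring at any time, regardless
    # of how many participants it has. `caller` is deliberately unchecked.
    if not ring.participants:
        raise ValueError("empty ring")
    ring.closed = True


def close_ring_fixed(ring, caller):
    # Assumed fix: a ring may only be closed once it holds RING_SIZE deposits,
    # so no caller can shrink the anonymity set below the maximum.
    if len(ring.participants) < RING_SIZE:
        raise ValueError("ring not full")
    ring.closed = True


def anonymity_set(ring, attacker_addrs):
    """Participants the attacker cannot rule out as the withdrawer.

    Any depositor of a ring may be the one withdrawing; those the attacker
    controls are excluded because he knows which withdrawals are his own.
    """
    return len([p for p in ring.participants if p not in attacker_addrs])


def simulate(close_ring):
    """Replay the front-running attack with a given closing rule.

    Returns the size of the victim's anonymity set in the ring that ends up
    containing the victim's deposit.
    """
    attacker = {"A1", "A2"}      # constructed attacker-controlled addresses
    honest = ["H1", "H2", "H3"]  # constructed honest depositors
    victim = "V"                 # the observed address

    current = Ring()
    for h in honest:
        current.deposit(h)

    # The victim's deposit shows up in the mempool. The attacker front-runs
    # it by closing the current ring so the victim lands in a fresh one.
    try:
        close_ring(current, "A1")
    except ValueError:
        # Hardened rule: the early close is rejected, so the victim's deposit
        # joins the honest ring; A1 joining makes it full and it closes.
        current.deposit(victim)
        current.deposit("A1")
        return anonymity_set(current, attacker)

    new_ring = Ring()
    new_ring.deposit(victim)
    new_ring.deposit("A1")       # attacker joins the victim's new ring
    close_ring(new_ring, "A1")   # and closes it with just two participants
    return anonymity_set(new_ring, attacker)
```

With the reported behaviour the victim's anonymity set collapses to 1 (the victim alone), so the later withdrawal is linked to the deposit; under the full-ring rule the attacker's early close is rejected and the victim shares a ring with three honest depositors.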
3.2. Losing the funds
When the deposited value is not an exact multiple of the ring denomination, it is rounded down and the fractional remainder stays locked in the contract. For example, if 2.7 ETH is deposited, 0.7 ETH is lost.
Recommendation: return the remainder left over after rounding to the depositor.
3.3. Incorrect gas compensation
The contract compensates the caller for gas during the withdrawal of funds:

```solidity
// Send ETH to receiver
// Calculate fees (1.33%) + gasUsage fees
uint256 gasUsed = startGas - gasleft();
uint256 fees = (withdrawEther / 75) + gasUsed + startGas;
```

In the snippet as shown, `gasUsed` and `startGas` are amounts of gas, yet they are added directly to `withdrawEther / 75`, a value in wei, without being multiplied by the gas price, and `startGas` (the gas available when the function began) is charged on top of `gasUsed`.
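The arithmetic behind issues 3.2 and 3.3 side by side, as an added Python example that is not the contract's code: `deposit_vulnerable` reproduces the truncation that strands 0.7 ETH of a 2.7 ETH deposit, and `fees_vulnerable` mirrors the fee line above with Solidity's integer division, adding raw gas units to a wei amount. `deposit_fixed` and `fees_fixed` are assumed corrections: the first hands the remainder back to the depositor, the second multiplies gas used by the gas price (`tx.gasprice` in Solidity). The 1 ETH denomination is inferred from the report's 2.7 ETH example; the gas figures and gas price are constructed inputs.

```python
# Added example (not Heiswap's code): models of the deposit rounding (3.2)
# and the withdrawal fee (3.3). The "fixed" variants are assumptions.
ETHER = 10**18  # wei per ether
GWEI = 10**9    # wei per gwei


def deposit_vulnerable(value_wei, denomination_wei=ETHER):
    """Truncate the deposit to whole denomination units; the remainder is
    neither credited nor refunded, so it stays locked in the contract.
    Returns (units credited, wei locked)."""
    units = value_wei // denomination_wei
    locked = value_wei - units * denomination_wei
    return units, locked


def deposit_fixed(value_wei, denomination_wei=ETHER):
    """Assumed fix: credit whole units and refund the remainder.
    Returns (units credited, wei to send back to the depositor)."""
    units = value_wei // denomination_wei
    refund = value_wei - units * denomination_wei
    return units, refund


def fees_vulnerable(withdraw_wei, start_gas, gas_left):
    """Mirror of the reported fee line: 1/75 of the amount (about 1.33%)
    plus gas units added as if they were wei, plus startGas on top."""
    gas_used = start_gas - gas_left
    return withdraw_wei // 75 + gas_used + start_gas


def fees_fixed(withdraw_wei, start_gas, gas_left, gas_price_wei):
    """Assumed correction: convert gas used to wei at the transaction's
    gas price (tx.gasprice) before adding it to the percentage fee."""
    gas_used = start_gas - gas_left
    return withdraw_wei // 75 + gas_used * gas_price_wei


def gas_compensation(fee_fn, withdraw_wei, *args):
    """Isolate the gas part of a fee by removing the 1/75 percentage fee."""
    return fee_fn(withdraw_wei, *args) - withdraw_wei // 75


if __name__ == "__main__":
    # Constructed inputs: 2.7 ETH deposit; 1 ETH withdrawal that consumed
    # 50,000 gas out of 200,000 available at entry, at 20 gwei.
    units, locked = deposit_vulnerable(27 * ETHER // 10)
    print(f"credited {units} unit(s), {locked / ETHER} ETH locked")
    vuln = gas_compensation(fees_vulnerable, ETHER, 200_000, 150_000)
    fixed = gas_compensation(fees_fixed, ETHER, 200_000, 150_000, 20 * GWEI)
    print(f"gas compensated: {vuln} wei (reported), {fixed} wei (corrected)")
```

With these inputs the reported formula compensates 250,000 wei for a withdrawal whose gas actually cost 1e15 wei (0.001 ETH), so the "gas compensation" is negligible, while the 2.7 ETH deposit credits two units and leaves 0.7 ETH unreachable.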
3.4. Zero address checking
3.5. Unused variable
Severity: minor observation
The audited smart contract must not be deployed. Reported issues must be fixed before this contract is used.
5. Revealing audit reports