Hyperinflation Vulnerability - Reading Assignment

  1. How was the bug discovered?
    PeckShield has developed an automated system that scans and analyses Ethereum-based (ERC-20) token transfers. Alerts are sent out for suspicious transactions, including extremely large transfers of tokens.

  2. What is this vulnerability called?
    batchOverflow as it is to do with integer overflow when passing 2 or more receivers into the batchTransfer function with extremely large numbers that cause an overflow

  3. Which function is vulnerable?
    batchTransfer

  4. Why was the vulnerability present in several ERC20 tokens?
    I would assume that this is due to Solidity having a batchTransfer functionality or perhaps due to size and storage restrictions for Solidity Smart contracts and therefore using data types that are limited.

  5. Why is “code is law” mentality problematic when it comes to fixing bugs?
    Once the Smart contracts are deployed, there is no way to change them. Upgrading contracts can occur, but it does not mean these vulnerable contracts were designed in a way that makes this issue solvable.

  6. How did exchanges react to this vulnerability?
    Some centralised exchanges were quick to react and suspended withdrawals and trading of certain affected tokens. Decentralised exchanges are by nature decentralised so harder to get around this.

1 Like

Hyperinflation Vulnerability

  • How was the bug discovered?
    • By the automated system that scans and analyses ERC-20 token transfers (found a suspicious transaction involving unreasonably large token amounts).
  • What is this vulnerability called?
    • batchOverflow, essentially a classic integer overflow issue
  • Which function is vulnerable?
    • function batchTransfer ... —> uint256 amount = uint256(cnt) * _value;
  • Why was the vulnerability present in several ERC20 tokens?
    • Because ERC20 tokens are usually copied from one another
  • Why is “code is law” mentality problematic when it comes to fixing bugs?
    • smart contracts are immutable, they are not supposed to be changed, and fixing would require a change.
  • How did exchanges react to this vulnerability?
    • OKEX exchange suspended the trading and withdrawal of BeautyChain (BEC) tokens while other exchanges did not react fast enough.
1 Like

1. How was the bug discovered?
Through an automated system that automatically sent out an alert of a suspicious transaction involving unreasonably large token amounts.

2. What is this vulnerability called?
batchOverflow

3. Which function is vulnerable?
The vulnerable function is batchTransfer(), where the amount local variable is calculated as the product of cnt and _value. By having two _receivers passed into batchTransfer() with an extremely large _value, the amount could be overflowed and made zero. With amount zeroed, an attacker can then pass the sanity checks in the code and make the subtraction irrelevant.

4. Why was the vulnerability present in several ERC20 tokens?
Code is often reused as templates and therefore the spread.

5. Why is “code is law” mentality problematic when it comes to fixing bugs?
There’s really no traditional well-known security response mechanism in place to remedy vulnerable contracts.

6. How did exchanges react to this vulnerability?
OKEx suspended withdrawal and trading of the token in question, but exchanges are not all on the same page and would need to be coordinated, meaning there are still tokens vulnerable to batchOverflow.

1 Like
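As an added example (not code from this thread or from the affected BEC contract), a Python model of the batchTransfer arithmetic discussed above: `unchecked_mul` reproduces the pre-0.8 Solidity wraparound, `safe_mul` is the SafeMath-style check that would have rejected the zeroed amount, and `batch_transfer` with its sample balances is a constructed stand-in for the real function.

```python
# Added example: model the cnt * _value computation of batchTransfer in
# uint256 arithmetic, both unchecked (as in the vulnerable contract) and
# checked (as SafeMath would do). Function names and balances are constructed.

UINT256_MAX = 2**256 - 1


def unchecked_mul(a: int, b: int) -> int:
    """Solidity <0.8 multiplication: the product silently wraps modulo 2**256."""
    return (a * b) & UINT256_MAX


def safe_mul(a: int, b: int) -> int:
    """SafeMath-style multiplication: reject any product that does not fit in uint256."""
    if a == 0:
        return 0
    c = a * b
    if c > UINT256_MAX or c // a != b:
        raise ValueError("multiplication overflow")
    return c


def batch_transfer(balances, sender, receivers, value, mul=unchecked_mul):
    """Model of batchTransfer: amount = cnt * value, sanity checks, then bookkeeping.

    Returns a new balances dict; raises ValueError when a check fails.
    """
    balances = dict(balances)
    cnt = len(receivers)
    if not (0 < cnt <= 20) or value == 0:
        raise ValueError("invalid arguments")
    amount = mul(cnt, value)  # the line where the overflow happens (or is caught)
    if balances.get(sender, 0) < amount:
        raise ValueError("insufficient balance")
    balances[sender] -= amount
    for r in receivers:
        balances[r] = (balances.get(r, 0) + value) & UINT256_MAX
    return balances


def demo():
    """Two receivers times 2**255 wraps to exactly zero in uint256."""
    balances = {"sender": 100}
    receivers = ["r1", "r2"]
    value = 2**255
    wrapped = batch_transfer(balances, "sender", receivers, value)  # passes the checks
    try:
        batch_transfer(balances, "sender", receivers, value, mul=safe_mul)
        checked = "accepted"
    except ValueError as e:
        checked = str(e)  # checked arithmetic reverts instead
    return wrapped, checked
```

With the unchecked multiply the sender's balance is untouched while each receiver is credited 2**255; with `safe_mul` the same call fails before any balance changes.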
  1. How was the bug discovered? by an alarm monitoring a too high transaction
  2. What is this vulnerability called? batchoverflow
  3. Which function is vulnerable? batchTransfer()
  4. Why was the vulnerability present in several ERC20 tokens? because there is a standard of how to make an ERC20 and many contracts were kind of copied from others
  5. Why is “code is law” mentality problematic when it comes to fixing bugs? because there is not a procedure about how to fix the problem
  6. How did exchanges react to this vulnerability? some stopped the trading of the coin in question but others were not responding fast or not at all (especially decentralized exchanges)
1 Like
  1. The bug was discovered by the PeckShield team's automated scan system. It detected an extremely large ERC20 transaction.
  2. They called this vulnerability - batchOverflow
  3. batchTransfer() function was vulnerable.
  4. Looks like it was ERC20 standard at that time and a lot of contracts used it as a template.
  5. Well, you cannot go back and modify your smart contract code. I guess, the way to do it is leave some function in your code for future use, or to roll the whole token to Version 2. But yes, you cannot edit existing code in your contract.
  6. Exchange reaction was different. There are many exchanges including DEXes who can transact your token. They need to take coordinated action to stop the trade and replace the contract.
1 Like
  1. An automated system created by PeckShield to scan and analyze Ethereum-based (ERC-20) token transfers and look for suspicious transactions
  2. batchOverflow
  3. batchTransfer()
  4. Likely because each one copied code from other projects for their tokens
  5. because there are no systems in place to resolve/mitigate catastrophic failures
  6. OKEx made an announcement to suspend the withdrawal and trading of BeautyChain

How was the bug discovered?
By an automated system that scans Ethereum-based token transfers.

What is this vulnerability called?
batchOverflow

Which function is vulnerable?
batchTransfer

Why was the vulnerability present in several ERC20 tokens?
They used the same smart contract.

Why is “code is law” mentality problematic when it comes to fixing bugs?
Smart contracts are immutable, they are not supposed to be changed, and fixing would require a change.

How did exchanges react to this vulnerability?
Uncoordinatedly.

  1. How was the bug discovered?
    The bug was discovered after someone had already exploited it and caused some abnormal transactions.
  2. What is this vulnerability called?
    It is an overflow vulnerability. In this case they called it the batchOverflow exploit.
  3. Which function is vulnerable?
    The batchTransfer() function was vulnerable.
  4. Why was the vulnerability present in several ERC20 tokens?
    This happened because of the reusing of others’ work as templates or having it unfortunately set as a standard.
  5. Why is “code is law” mentality problematic when it comes to fixing bugs?
    Having smart contracts be immutable limits the options for upgrading. This has created a lack of well-known responses to quickly fix it.
  6. How did exchanges react to this vulnerability?
    Some shut down the trading of these tokens.

1 The bug was discovered by the PeckShield security system that saw an unusually large transaction being placed.
2 The vulnerability was called batchOverflow.
3 It's the batchTransfer that is vulnerable.
4 The vulnerability was present due to the ERC20 having been reused.
5 Code law has problems because it is irrefutable, meaning you cannot go "in here" and do something to change it.
6 Exchange OKEx reacted by making an announcement to suspend the withdrawal and trading of the affected token; others were more slow to react.

1. How was the bug discovered?
Automated system from Peck Shield, alarmed about extremely large token transfer.
2. What is this vulnerability called?
batchOverflow
3. Which function is vulnerable?
batchTransfer function
4. Why was the vulnerability present in several ERC20 tokens?
Because the ERC-20 standard is widely used and people, by forking projects for quicker development, reuse functions like batchOverflow in their smart contracts.
5. Why is “code is law” mentality problematic when it comes to fixing bugs?
Because of the immutable design of blockchains, after fixing a vulnerability, projects need to redeploy their smart contracts.
6. How did exchanges react to this vulnerability?
Uncoordinated.

  • How was the bug discovered?
    discovered by PeckShield when their system detected an unusual BEC token transaction (someone transferred an extremely large amount of BEC token)

  • What is this vulnerability called?
    the vulnerability is called batchOverflow

  • Which function is vulnerable?
    the function batchTransfer()

  • Why was the vulnerability present in several ERC20 tokens?
    because of the standard contract (template) for ERC20 tokens

  • Why is “code is law” mentality problematic when it comes to fixing bugs?
    smart contracts are immutable (cannot be changed) and it was not possible to fix an issue

  • How did exchanges react to this vulnerability?
    with an announcement to suspend the withdrawal and trading of batchOverflow-affected tokens

1 Like

1. How was the bug discovered?
By an alarm raised by an automated system that scanned and analyzed ERC-20 token transfers.
2. What is this vulnerability called?
batchOverflow
3. Which function is vulnerable?
batchTransfer
4. Why was the vulnerability present in several ERC20 tokens?
Because other ERC20 tokens used the same code for parts of the contract.
5. Why is “code is law” mentality problematic when it comes to fixing bugs?
There is no traditional well-known security response mechanism in place to remedy the vulnerable contracts.
6. How did exchanges react to this vulnerability?
OKEx made an announcement that it suspended trading for BEC tokens.

  1. Through an alarm raised by PeckShield’s system.

  2. batchOverflow

  3. batchTransfer

  4. The code was part of another project/library which some ERC20 tokens decided to re-use as a building block for their smart contract. The original developers of the function and those who re-used it made a human error and did not carry out proper testing to ensure the function was fool-proof.

  5. Because once contracts are deployed they are immutable and would require creating an entirely new smart-contract that fixes these issues.

  6. They stopped all trading of the affected token to prevent attackers from selling the large batch of tokens (at least OKEx did based on the article).

  1. How was the bug discovered?
    Scanning for unusual transactions.
  2. What is this vulnerability called?
    batchOverflow
  3. Which function is vulnerable?
    batchTransfer
  4. Why was the vulnerability present in several ERC20 tokens?
    copy & paste :smiley:
  5. Why is “code is law” mentality problematic when it comes to fixing bugs?
    No standard security response established
  6. How did exchanges react to this vulnerability?
    Some suspended trading
1 Like
  1. An alarm was raised by a blockchain security company due to a large transfer of BEC.
  2. batchOverflow
  3. In the batchTransfer code
  4. Because with a large transaction amount, security checks can be passed and the amount can overflow, making it zero.
  5. Because you cannot change an existing contract due to the immutability property. You can write a new one.
  6. By suspending trading and withdrawals on BEC, the affected coin.
1 Like

Q1. How was the bug discovered?
The bug was discovered by PeckShield company’s automated scanning software, which was scanning and analyzing Ethereum-based ERC20 token transfers. Unusually large BEC (BeautyChain) token transfers were detected.

Q2. What is this vulnerability called?
The vulnerability is called batchOverflow which is a classic integer overflow issue.

Q3. Which function is vulnerable?
The batchTransfer() function in the code was vulnerable when the attacker passed an extremely large value, causing the amount calculation to be zeroed.

Q4. Why was the vulnerability present in several ERC20 tokens?
The vulnerability was present in more than a dozen ERC20 contracts as they were also using the same ERC20 standard code from another token.

Q5. Why is “code is law” mentality problematic when it comes to fixing bugs?
The “code-is-law” principle in Ethereum blockchain lacks a proper security response mechanism to fix the Ethereum based vulnerable smart contracts.

Q6. How did exchanges react to this vulnerability?
One of the exchanges OKEx immediately suspended withdrawal and trading of BEC token. Other exchanges were still open for trading. The main concern was the non-centralized exchanges with offline trading services as it allows the attackers to exploit the vulnerability.

1 Like
  1. The bug was discovered by Peckshield’s automated scanning software to identify suspicious token transfers.

  2. This vulnerability is called overflow.

  3. batchTransfer() is vulnerable.

  4. They all copy a faulty ERC-20 token code.

  5. OKEx suspended trading and withdrawal of a particular token. But other exchanges continued to be open for trading of faulty tokens.

1 Like
  1. How was the bug discovered?
    On 4/22/2018, 03:28:52 a.m. UTC, the PeckShield automated system raised an alarm related to an unusual BEC token transaction.

  2. What is this vulnerability called?
    batchOverflow

  3. Which function is vulnerable?
    batchTransfer

  4. Why was the vulnerability present in several ERC20 tokens?
    This was due to the fact that code is often cut and paste from one contract into another, so essentially the bug was punishment for lazy coders! ;-D

  5. Why is “code is law” mentality problematic when it comes to fixing bugs?
    Because the blockchain is immutable, so that coin will always have that problem, forever. The only fix is not really a fix, but a solution, which is to fork the code into a new chain with the bug fix. But by the time that happens, the credibility of the dev teams and associated coins render the forks potentially irrelevant in the greater crypto markets.

  6. How did exchanges react to this vulnerability?
    OKEx made an announcement to suspend the withdrawal and trading of BeautyChain. But decentralized exchanges do not have this ability. The result of the hyperinflation is a price plunge, and also a potential price plunge of common trading pairs, BTC and ETH as the hyperinflated tokens are dumped onto the market.

1 Like
  1. How was the bug discovered?
    They were monitoring transactions for unusually large amounts

  2. What is this vulnerability called?
    batchOverflow

  3. Which function is vulnerable?
    batchTransfer

  4. Why was the vulnerability present in several ERC20 tokens?
    because they were developed from the same libraries

  5. Why is “code is law” mentality problematic when it comes to fixing bugs?
    Smart contracts are distributed making them difficult to change, which is normally a good thing but not when there is a bug

  6. How did exchanges react to this vulnerability?
    Eventually stopped the trading on the affected tokens

1 Like