Blockchain Study Notes 24 - ETH Beauty Chain (BEC)

Learning video: the public course "Blockchain Technology and Application" by Xiao Zhen (Peking University).
Reference: Notes on the public course series "Blockchain Technology and Application" by Xiao Zhen of Peking University - Directory Navigation Page

ICO: Initial Coin Offering
IPO: Initial Public Offering

Background introduction


These tokens do not have a blockchain of their own; they run as smart contracts on Ethereum's EVM. The contract that issues a token corresponds to one node in Ethereum's state tree. Like any other account, that node has a balance: the ether the contract holds, which is the total ether assets of the token-issuing contract. How many tokens each account owns is kept as variables in the contract's storage tree. Issuing, transferring and destroying tokens are all done by calling functions of the contract. Each token can define its own conversion rule, for example 1 ether = 100 tokens: if an external account transfers one ether to the contract, the contract credits 100 tokens to that account's token balance inside the contract. During issuance, every account's token balance is maintained in the contract's storage tree.
The Beauty Chain token is called BEC. Suppose I hold a lot of BEC and want to send tokens to ten different accounts, 100 tokens each, by calling the batchTransfer function. The function first deducts 1000 tokens from my account and then adds 100 tokens to each of the ten accounts.

batchTransfer function

[Figure: source code of the batchTransfer function]

Attack Details

The string of numbers is the parameters of the function call (the ABI-encoded calldata). The function has two parameters, which correspond to the first two 32-byte lines of the string. The first parameter is the array of addresses; the first line gives the position where its content begins: 0x40 in hexadecimal is 64, so the array content starts at byte 64, and since each line is 32 bytes, that is line index 2 (the third line). The second line is the value, a very large number: a leading 8 followed by zeros. The third line is the array itself: its length is 2, and the next two lines are the two receiver addresses.

The key feature of these parameters: the amount in the second line starts with 8, and multiplying it by 2 (the array length) makes the computed total overflow to exactly 0. The add(value) step, however, still adds the original huge number to each receiver.
[Figure: the red box shows the tokens received by the receiving addresses; each address received a huge amount of tokens]
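As an added example (not code from the original notes or from the BEC contract), the following Python decodes calldata laid out exactly as the lines above describe and checks whether the contract's internal `cnt * _value` multiplication would wrap. It assumes the 4-byte function selector has already been stripped, so the input is a sequence of 32-byte words; the two receiver addresses in the sample are constructed placeholders.

```python
# Added example: decode ABI-encoded (address[] _receivers, uint256 _value)
# calldata and report whether cnt * value wraps in 256-bit arithmetic.
# Assumes the 4-byte selector is already removed (input = 32-byte words only).
from typing import Dict, List, Tuple

WORD = 32
UINT256_MAX = 2**256 - 1


def split_words(data: bytes) -> List[int]:
    """Split calldata into big-endian 32-byte words (one per 'line')."""
    if len(data) % WORD != 0:
        raise ValueError("calldata length is not a multiple of 32 bytes")
    return [int.from_bytes(data[i:i + WORD], "big") for i in range(0, len(data), WORD)]


def decode_batch_transfer(data: bytes) -> Tuple[List[str], int]:
    """Return (receivers, value) for ABI-encoded (address[], uint256).

    Word 0 holds the byte offset of the dynamic array (0x40 = 64 = word 2),
    word 1 holds the static uint256 _value, and the array region starts with
    its length followed by one 32-byte word per address.
    """
    w = split_words(data)
    offset, value = w[0], w[1]
    start = offset // WORD
    count = w[start]
    addrs = w[start + 1:start + 1 + count]
    if len(addrs) != count:
        raise ValueError("declared array length exceeds calldata")
    receivers = [f"0x{a:040x}" for a in addrs]
    return receivers, value


def evm_mul(a: int, b: int) -> int:
    """Unchecked uint256 multiplication: the EVM keeps only the low 256 bits."""
    return (a * b) & UINT256_MAX


def overflow_report(receivers: List[str], value: int) -> Dict[str, object]:
    """Compare the wrapped amount the contract computes with the true total."""
    cnt = len(receivers)
    wrapped = evm_mul(cnt, value)
    exact = cnt * value
    return {"cnt": cnt, "value": value, "wrapped_amount": wrapped,
            "true_total": exact, "overflows": wrapped != exact}


def word(n: int) -> bytes:
    return n.to_bytes(WORD, "big")


# Constructed sample calldata mirroring the layout described in the notes:
# offset 0x40, value 0x8000...0 (= 2**255), array length 2, two addresses.
SAMPLE_CALLDATA = (
    word(0x40)
    + word(1 << 255)
    + word(2)
    + word(int("11" * 20, 16))  # constructed placeholder receiver address
    + word(int("22" * 20, 16))  # constructed placeholder receiver address
)


def analyse(data: bytes = SAMPLE_CALLDATA) -> Dict[str, object]:
    """Decode the calldata and attach the overflow report."""
    receivers, value = decode_batch_transfer(data)
    report = overflow_report(receivers, value)
    report["receivers"] = receivers
    return report


if __name__ == "__main__":
    for key, val in analyse().items():
        print(f"{key}: {val}")
```

Run stand-alone, `analyse()` reports `wrapped_amount` 0 and `overflows` True for the sample: the balance check inside the contract compares against 0, while each receiver is later credited with the full 2**255. The same decoder applied to ordinary calldata (small value, short array) reports `overflows` False, which is the check the contract itself should have performed.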

After the attack, the withdrawal function was suspended to stop the attackers from cashing out. The transactions were rolled back two days later, and the impact of the event was not as far-reaching as The DAO.
[Figure: the price of the token plummeted after the attack]
[Figure: the exchange where the token was listed suspended withdrawals after the attack]

Reflection

Always consider the possibility of overflow when performing arithmetic. Solidity has a SafeMath library whose operations automatically check whether an overflow has occurred.

In C, multiplying two numbers can lose precision, so dividing the product by one of them does not necessarily give back exactly the other number. This problem does not exist in Solidity, because both numbers are 256-bit integers: the integers are multiplied first and then divided, which is exactly the check SafeMath's multiplication relies on.

batchTransfer uses the SafeMath library for both its subtraction and its addition. Only the multiplication was accidentally left unchecked, and the result was a tragedy.
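To make the last two points concrete, here is an added Python model (not the BEC contract's Solidity and not code from the notes) of a batchTransfer whose subtraction and addition go through SafeMath-style checked helpers while the multiplication is either unchecked, as in the vulnerable contract, or routed through a `safe_mul` that uses the `c / a == b` check. Balances are a dictionary and a failed `require` is an exception; the account names and starting balances are constructed.

```python
# Added example: SafeMath-style helpers and a batchTransfer model with the
# multiplication either unchecked (vulnerable) or checked (fixed).
from typing import Dict, List, Union

UINT256_MAX = 2**256 - 1


class Revert(Exception):
    """Stands in for a failed Solidity require()."""


def require(cond: bool, msg: str = "revert") -> None:
    if not cond:
        raise Revert(msg)


def safe_mul(a: int, b: int) -> int:
    """Checked multiplication: wrap like the EVM, then verify c / a == b.

    Integer division is exact for 256-bit integers, so the check is reliable;
    if the product wrapped, dividing it back cannot reproduce b.
    """
    if a == 0:
        return 0
    c = (a * b) & UINT256_MAX
    require(c // a == b, "SafeMath: multiplication overflow")
    return c


def safe_add(a: int, b: int) -> int:
    c = (a + b) & UINT256_MAX
    require(c >= a, "SafeMath: addition overflow")
    return c


def safe_sub(a: int, b: int) -> int:
    require(b <= a, "SafeMath: subtraction underflow")
    return a - b


def batch_transfer(balances: Dict[str, int], sender: str, receivers: List[str],
                   value: int, checked_mul: bool) -> Dict[str, int]:
    """Deduct cnt * value from sender and credit value to each receiver."""
    cnt = len(receivers)
    require(0 < cnt <= 20, "bad receiver count")
    # The only difference between the vulnerable and fixed variants is this line.
    amount = safe_mul(cnt, value) if checked_mul else (cnt * value) & UINT256_MAX
    require(value > 0 and balances.get(sender, 0) >= amount, "insufficient balance")
    balances[sender] = safe_sub(balances[sender], amount)
    for r in receivers:
        balances[r] = safe_add(balances.get(r, 0), value)
    return balances


def normal_case() -> Dict[str, int]:
    """The scenario from the notes: 100 tokens to ten accounts costs 1000."""
    balances = {"sender": 1000}
    receivers = [f"acct{i}" for i in range(10)]  # constructed account names
    return batch_transfer(balances, "sender", receivers, 100, checked_mul=True)


def overflow_case(checked_mul: bool) -> Union[Dict[str, int], str]:
    """cnt = 2 and value = 2**255; returns balances or the revert reason."""
    balances = {"sender": 1000}
    try:
        return batch_transfer(balances, "sender", ["recv_a", "recv_b"],
                              1 << 255, checked_mul)
    except Revert as e:
        return str(e)


if __name__ == "__main__":
    print("normal:", normal_case())
    print("unchecked mul:", overflow_case(checked_mul=False))
    print("checked mul:", overflow_case(checked_mul=True))
```

With the unchecked multiplication the sender's balance is untouched while each receiver gains 2**255 tokens; with `safe_mul` the same call reverts before any balance changes. Note that `safe_add` does not catch the problem: adding 2**255 to a zero balance does not overflow, which is why the check has to sit on the multiplication.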

Source: blog.csdn.net/shn111/article/details/122664601