Versions Compared

Old Version 1

changes.mady.by.user Eric Butz

Saved on

compared with

New Version Current

changes.mady.by.user Eric Butz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Component

Vulnerability

Description

Implications for FIO

Next steps / Status

fio.erc20

fio.erc721

Re-entrancyGeneral solidity vulnerabilities

The following site lists several solidity hacks/vulnerabilities that should be reviewed and considered.

https://medium.com/hackernoon/hackpedia-16-solidity-hacks-vulnerabilities-their-fixes-and-real-world-examples-f3210eba5148

Recommend erc20 and erc721 contract be audited for securit

FIO had our Solidity hacks could result in minting of WFIO without wrapping.

Tip

Complete

The critical issues from the

  • Create a table that includes:

    • Security issue

    • Description of the issue

    • Implications of the security issue for FIO users

    • Mitigation strategies for the security issue

  • Identify those areas where there is a gap in existing knowledge or technologies.

  • Discuss/identify external resources that can fill these gaps.

Consider adding an anomaly detection system:

https://www.eosgo.io/news/vaultsx-hack-lessnos-learned-and-thoughts

“It is likely that if more than 30% of the funds are withdrawn from the contract in a short period of time, then the chances are high that this is the result of a hacker attack.

Automatic anomaly detection systems cannot stop an attack, but they can mitigate damage. Such systems are an algorithm for detecting behavior that is not typical of a contract under normal circumstances. I highly recommend that developers of high-end contracts implement the simplest anomaly detection systems.”

We have a FIO token Wrapping project under development and will need to audit three areas:

  • The FIO Chain fio.orcle contract

  • The Ethereum Chain fio.erc20 contract

  • The Nodejs Oracle code that monitors both chains and executes wrap and unwrap transactions.

This story tracks the security audit of the "oracle" JS code that sits between the FIO and the Ethereum chains and monitors them for wrap/unwrap activity and then transfers FIO tokens on the FIO chain to WFIO tokens on Ethereum (and vice versa).

...

  • Fixes were also applied to the erc721 contract.

  • Pause function, callable by any oracle, can halt minting/wrapping

  • With a large hack the FIO community could elect to fork the hack out of the contract and redeploy.

  • Task to create an anomaly detection service to monitor for on chain behavior that might indicate a hack has occurred:

    Jira Legacy
    serverSystem JIRA
    serverId5f0d8161-d4cf-3d17-96b1-53b2b2b5013d
    keyBD-3892

fio.oracle

Compromised keys

Outside of the general risks to the erc20 and erc721 contracts, the main risk for Oracles is that their signing keys somehow compromised and can be used to send approvals to the FIO and Solidity contracts.

The fio.oracle javascript code has not been audited. This code should only be run in a protected environment on Oracle servers. The keys are held in environment variables that, if compromised, would allow a hacker to approve illegitimate transactions

Could result in unauthorized minting and wrapping.

  • Story to review security considerations for Oracle servers. Need to define what that should look like in coordination with the BPs:

    Jira Legacy
    serverSystem JIRA
    serverId5f0d8161-d4cf-3d17-96b1-53b2b2b5013d
    keyBD-3893

  • Included notes in the anomaly detection story (BD-3892). This service should report all wraps/unwraps to a monitored Discord channel.

  • Created story to track the risks and costs associated with performing an audit of the fio.oracle code:

    Jira Legacy
    serverSystem JIRA
    serverId5f0d8161-d4cf-3d17-96b1-53b2b2b5013d
    keyBD-3894