Smart Contract risk

Instructors: Andreas Park and Zissis Poulos

What's special about smart contracts?

Self-custody and selfcontrol of assets
Unfiltered access to financial infrastructure
Free entry of service providers
Conceptually non-custodial services run as autonomous codes on the infrastructure
Blockchain = common resource
Services = platforms

features

consequences

Blockchain-based Decentralized Finance in a Nutshell

Self-custody and selfcontrol of assets
Unfiltered access to financial infrastructure
Free entry of service providers
Conceptually non-custodial services run as autonomous codes on the infrastructure
Blockchain = common resource
Services = platforms

features

What the focus of this paper?

What is a smart contract/DeFi application?

piece of code that performs operations on the blockchain
can be
- called (= used) by anyone
- deployed by anyone
organized
- as a platform
- often requires deposits of assets
- often involves transfers of assets
immutable?
- actually not exactly...

liquidity pools for trading, borrowing & lending
collateral for trades (derivatives), borrowing
bonds for securing services and trust

some features

some examples

Here's the problem...

DeFi Security Risks

Risk is in every layer of the tech stack!

Network Layer
- DDoS attacks etc.
Blockchain Layer
- Sybil attacks
- MEV
Smart Contract Layer
- Malicious code
- Bug exploits
Interface Layer
- Oracle attacks
- Malicious plug-ins (e.g., malicious wallet installation etc.)

Known Smart Contract Vulnerabilities

Re-entrancy
Insecure arithmetic
Unexpected ETH flows (force feeding)
Unprivileged access/writes
Etc...

https://consensys.github.io/smart-contract-best-practices/attacks/

What can we do to prevent exploit? What are common fault lines?

do transfers work under all circumstances
- edge cases matter
reliance on oracles
- use price and input from other sources
- oracles can be manipulated
applications may be used by others in unexpected ways
- flash-loan attacks
- unobserved risks created by users (Morpho)
smart contract code of other applications that you rely on may change
- Morpho v. AAVE

Three Examples of Exploits

Cream Finance

attacker donated $10M of token to a trading mechanism
changes the exchange rate from 1:1 to 2:1
extract 130M by borrowing against non-existent collateral

PBS attack

certain arbitrage algos are designed to front-run trades ("sandwich attacks")
attacker pretended there was a front-runnable trade but made the block header invalid
allowed to view front-runners which they then front-ran to extract $25M

Balancer Rounding Error

Solidity code rounds down when it shouldn't.
Convinced the pool that there were fewer tokens than there were $\to$ low price
extract $113M tokens at low price
The issue is only arises for very small transactions.
But exploit works when applied at scale (many small round-down transactions)

attacks very subtle
hard to anticipate every scenario and combination of scenarios
attacks happen with immense scale and incredibly quickly

Re-entrancy - The DAO hack

fallback() with "evil" logic

The DAO

withdraw

send

receive() is missing!

Hacker calls withdraw
The DAO sends ETH
No receive()
- Do fallback()
- fallback takes ETH and calls withdraw()
- First withdraw is still running!!!
- Nested loop and balance never updates

It's happened before

Unprivileged Writes - The Parity Wallet hack

...

DeFi Exploits

Hacker remotely stole validator private keys

Bridge attack

Hacker minted WETH out of thin air on Solana's contract

Signatures were not verified! Bridge attack....hmmm

Smart Contract Scams

Too many to enumerate here
- SetApproveForAll -> "I give you access to my digital assets to move around"
  - OK for NFT marketplaces and maybe DEX.
  - NOT OK if you don't trust the URL (see "Uniswap phishing attack")
- SendEth -> Well..."Send your ETH to X address"
  - OK, but what if it's invoked when you try to "mint" an NFT??
- Hidden "disable transfer" functions
  - Cannot sell token (Squid token)
- Buy/Sell taxes
  - Scammer can change tax from 5% to 99% for all holders except owner
  - Slippage threshold makes all transactions fail
Scammers think of new tricks every time a trick becomes "known"
- Honeypots!!

https://rekt.news/leaderboard/

The Squid Game Token: does nothing than borrow the name from the game

total gain: 230,000%

The Shiba Inu coin is nothing. It stands for nothing, it's linked to nothing.

Token Scams (not just scam tokens)

A word about tokens: What might token investors be concerned about?

Prat, Danos, Marcasse (Management Science 2025) "Fundamental Pricing of Utility Tokens"
- tokens first sold to investors ...
- ... but eventually make their way to users
hidden features of tokens:
- Squid Game Token could not be sold
Do the economics of the tokens work?
- set incentives
- pay for usage
- optimizing for usage and income
- payment mechanisms
trust issuer?
- can the be interference?
- will there be updates and continuoed development (Canidio 2022)

tokens are mostly financial instruments
... but they don't neatly fit into our existing nomenclature
same for issuers, usage, evolution of tokens
requires a different "mindset" to understand

Code-Audits?

What is so special about "auditing" smart contracts?

software code reviews and standards are nothing new
cyber-attacks happen everywhere
... yet blockchain is different
Cyber-attack: indirect cost
- loss of data
- loss of secrets
- abuse of information
Blockchain exploit:
- direct loss of funds of customers/users
- often irretrievable
- no accountability, no recourse
- no ability of courts or regulators to order return of funds

When do you do the review? Circumstances may matter

before launch

brand-new
updated version (v1$\to$v2 etc)

bad things have just happened to others

after launch

bad things happen to others

bad things happen to you

What kind of code review?

worry about

participation incentive
sufficient competition (may discover problem and exploit in future)

decentralized "bounty" program

code audit firm

high repuation (and pricey)

unknown (but cheap)

The cyber-attack $-$ code-review problem

known
knowns

unknown
knowns

known
unknowns

unknown
unknowns

develop "processes"

get
outside
help

code review space

write the code as well as you can before you deploy
code audit verifies that you
- followed the right procedure
- made no obvious error

you lacked full expertise and missed important checks
code audit identifies the issue and allows you to fix them

you know that problems can arise in the future but you don't know what might happen
you build-in safeguards

you get caught off-guard by problems that you didn't think would be a problem
you need out-of-the-box thinking

Some evidence on The Code Review Decision: "Auditing Smart Contracts" by Wayne Landsman, Evgeny Lyandres, Edward Maydew, Daniel Rabetti, Che Zhang (likely to be published in the Journal of Accounting and Economics)

Code Review Decision
- Who asks for code review?
- What type of review?
  - Centralized firm? What level of reputation?
  - Decentralized “bounty” system?
Audit Effectiveness
- Do audits reduce the likelihood or severity of future security breaches?
Post-Breach Responses
- How do developers and auditors react after hacks?
- Effects on auditor reputation and market share?

Research Questions

1. Audit Demand

Who seeks audits?
- oracles, bridges, cross-chain designs, lending logic.
Top tier
- Larger and more visible protocols.
Ex exploit
- Systemic hacks increase demand for high-reputation audits.

Main Findings Part 1: Audit Demand

Naive average:
- audits do not reduce hack probability.
Correcting for selection
- top-tier and decentralized (bounty) audits are associated with fewer and smaller losses.

Main Findings Part 2: Audit Effectiveness

means that audited protocols "survive" longer without a hack

Hacked protocols:
- upgrade auditors or
- add bounty programs.
Auditors implicated in hacks
- lose about 4 pp of market share short-term, but usually recover.
- Strong, visible crisis management mitigates reputational damage.