Auditor’s Notes: Initializing, Proxy, Oracles & Multi-Chain

We’ll look at some specific advice for/when working with initializing, proxy, oracles and auditing during the development of smart contracts on Solidity as we continue our series of educational articles!

• Auditor’s Advice: Math, Solidity Gas Optimizations | Part 1/3

• Auditor’s Advice: Solidity Checklist Reentrancy Attack | Part 2/3

• Auditor’s Advice: EVM Limitations Assembly Auditing Tips | Part 3/3

Additionally, today marks the continuation of a special series in which we will talk about various aspects of an auditor’s (or developer’s, if we’re talking about internal auditing) job. We promise it will be entertaining!

By the way, there are some vacant slots now so if your project needs an audit — feel free to  write  to us, visit our public reports page  here . Let’s get in touch:  gm@pessimistic.io !

Why do you need to read this article?

Audits are essential for catching potential security risks and preventing potential exploits that malicious actors might leverage. They provide an extra layer of assurance by identifying flaws that might have been overlooked during development!

Any error or logical flaw in the code can result in unexpected behavior or vulnerabilities that can be exploited… So that, auditors examine the smart contract for any logical flaws, inconsistencies in business logic, or unintended consequences of specific contract actions. By identifying and rectifying logic errors during the auditing process, we can ensure that the smart contract functions exactly as intended before it is deployed.

By conducting an audit, we can ensure that the contract has been developed with secure coding practices, such as protection against potential attacks like reentrancy, arithmetic overflows, unauthorized access and so on. Auditors review the code from a security perspective, identifying potential weaknesses and suggesting improvements to prevent any potential exploits.

In recent months we have been actively developing our own  Slither  detectors (check out our  Slitherin  tool) to help with code  review  and audit process. Please let us know if you have discovered an  issue/bug/vulnerability  via our custom Slither  detectors . You may contact us via opening a  PR/Issue  or  directly , whichever is more convenient for you!

Since 2016, our team has accumulated a considerable number of observations, which we will provide here, along with numerous security advice. We can confidently say that such tips can be read publicly in a few places, and our  blog  is one of those places. The following will be our observations — only dry facts for auditors, tricks and the best life-hacks shared by our best auditors.

Everything you see below is based on  our  personal experience. And today, dear readers, it will be made available to you!

We finished our own research a few months ago; please read it if you haven’t already:

You will also find a list of tools and research for self-study, and we strongly recommend that you read it separately for better understanding! Let’s get started!

I — Initializing Proxy

Nobody can deny that the foundation of any secure integration is a unique approach to code writing. As a result, this article will concentrate solely on those  areas  that might be quite valuable in keeping your code safe and secure.

Source:  Smart Contract Upgradeability on the Ethereum Blockchain Platform: An Exploratory Study

Our team has gathered a sizable number of observations since 2016, which we will present here along with numerous security recommendations. You can significantly improve the integration of your project’s security by utilizing the techniques listed below:

• initialize()  can be called only once;

• You should always check that the contract logic cannot be deleted ( Parity Multisig ). To do this (from the attacker’s perspective), you need to be able to jump to  selfdestruct  or  delegatecall  at a spoofed (fake) address. An unprotected  initialize()  often helps this issue to happen — from the attacker’s perspective, it probably hasn’t been called yet for the logic contract itself, so you can become its owner, or set the address for  delegatecall , or something like that;

• If the function accepts ether, then both the  “proxy” and “logic”  functions must be payable;

• Contract -logic cannot rely on local storage because it is executed in the context of the  calling  contract (proxy). If the  logic  includes  variables , they must either be  initialized  in the proxy (via  initialize or setters ), or they are  immutable variables  defined when the logic is deployed;

• Always check out if/when the  proxy  calls  target.initialize()  during the deploy — that’s a correct way to do so;

• You should  carefully  check out the storage layout in  storage -proxy (Storage contract with full  description  of data structure, from  which  both logic and proxy inherit):

A) Storage layout should not change on upgrade (i.e. no deleting/inserting fields,  resizing  variables, etc.);

B ) `Logic is Storage` must not be extended by inheriting standard contracts: `Logic is Ownable, Storage` breaks the layout immediately, and `Logic is Storage, Ownable` prevents Storage from being augmented in the future;

• We also finished our own research a few months ago; please read it if you haven’t already:

II — Multi-chain Cross-chain

We understand and respect your limited time, therefore we created a specific cheat sheet with nothing superfluous only for you! Check it out:

• Pre- EIP155  factory with  Create  (not  Create2 )  allowed  to ‘seize’ addresses of projects on another chain;

• “ MoonBeam ” —  Chainlink  shows the cost of assets on the native network (e.g. Mainnet). If a bridge (or token wrapper) is hijacked/hacked on that network, its value can diverge from Chainlink’s data. This can break protocols on that network that rely on  oracle  data;

• We also finished our own research a few months ago; please read it if you haven’t already:

III — Oracles Data

Implementing the recommendations outlined below can greatly enhance the security of your integration:

• It is necessary to check that  decimals  of tokens are correctly taken into account in the code;

• In all arithmetic operations with prices, check “ dimensionality ”;

• In price  oracles , one cannot only focus on the value  calculated  from the number of tokens on the contract balance at the current moment in time. We should also use  TWAP  with a longer time interval ( description );

Source:  A Study of Blockchain Oracles

• When working with token wrappers ( c-tokens ,  y-tokens ) remember that native currency wrappers ( cETH ) have no underlying token. For example, this should be taken into account in functions like  getUnderlyingPrice ( ) and getUnderlyingAddress( ).  Vulnerability example ;

• We also finished our own research a few months ago; please read it if you haven’t already:

IV — Countermeasures Defense Tactics

Looking at this  month’s never-ending hacks , one may wonder why they happen so  frequently …

Have audit firms actually  gotten worse  at what they do???

By the way, here are some vacant slots in the second quarter of 2023 now so if your project needs an audit — feel free to  write  to us, visit our public reports page  here !

This, in our opinion, is not the case; yet, the topic is rather tricky because, in certain ways, you can reduce the  risks  to yourself and your project!

Check out our  Pessimistic’s Spotter  On-Chain Monitoring Active Protection Service! Unlike the private version, the public version (this channel) reveals attacks  selectively  and does not allow you to track a specific address!

But first, I’d really like to ask you to read our previous article from which you can learn about the history of  Spotter  and the progress of development. Please  subscribe to our blog  to make sure you don’t miss any of the regular news and updates we plan to publish on the project in a  special  digest:

Risk mitigation is not something to set and  forget ; it’s a continuous process of monitoring, updating, and refining processes based on evolving market conditions. So, we updated the Spotter Telegram Bot to the public version. We made the onboarding and the customization as easy as possible, so you are able to set up alerts in 5 minutes!

Try it for free:  @attackdetectorbot

You can configure the alerts using a Telegram bot, and then use the /genkey command to get the API key. Based on the signals from API, you can then set up any defense action:

We at  pessimistic  sincerely hope you find our work useful and appreciate any feedback, so please do not hesitate to contact us! The best answers and questions may be included in the next blog post. We hope that this article was informative and useful for you!

By the way, s everal audits  have been  completed  successfully! By the way, here are some vacant slots now so if your project needs an audit — feel free to  write  to us, visit our public reports page  here !

Stay safe!

Support is very important to me, with it I can do what I love — educating users!

• Check out my GitHub

• Follow my Twitter

• Track all my activities

• All my Socials

• Join my TG channel

If you want to support my work, please, consider donating me:

• 0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A  or  officercia.eth  — ETH, BSC, Polygon, Optimism, Zk, Fantom, etc

• 17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU  — BTC

• 4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero XMR

Stay safe!