The honeypot was created by Web2 security experts to investigate the undetected or unnoticed hacking methods employed by attackers. It sets up a virtual trap to entice intruders: a computer system is purposefully left vulnerable so that attackers exploit its flaws, allowing you to study them and strengthen your security measures.
But what does a honeypot mean in Web3?
In the blockchain sector, a “honeypot” is a smart contract that is purposefully made to look weak in order to encourage attackers to take advantage of it. The plan is to persuade attackers, or even ordinary users, to send a small amount of ether to the smart contract in order to exploit it, and then freeze that ether within the contract.
You’ll see various examples of these honeypots in this article along with a thorough technical description of how they operate. Therefore, continue to read if you’re eager to understand more about this topic.
Smart contract’s honeypot
A honeypot is a smart contract that pretends to leak money to any user, because of a glaring flaw in its programming, in exchange for additional contributions from that user. Only the creator of the honeypot (the attacker) will be able to recover the funds that the user contributed to the seemingly vulnerable contract once they have been locked in it.
In the world of network security, the idea of a honeypot is very well-known, and security research has long employed it. The major goal of employing them was to find new or undiscovered exploits or methods that were already being utilized in the field. Additionally, honeypots were utilized to find zero-day vulnerabilities and notify vendors of them. In essence, this method was created to catch black hat hackers.
But with the development of blockchain technology and the idea of smart contracts, this idea was first applied by black hat hackers to lure in users with both good and malicious motives. The basic concept is that the designer of the honeypot constructs a smart contract and introduces a blatant weakness into it.
Types of honeypot
Depending on the methodologies utilized, there are three basic categories that can be applied to smart contract honeypots:
- EVM-based smart contract honeypots
- Solidity compiler-based smart contract honeypots
- Etherscan-based smart contract honeypots
In a network context, a honeypot’s main purpose is to watch over a deliberately weak component to observe how it might be used by hackers. The fundamental goal of a smart contract honeypot, however, is to deceive users into sending ether so that the developer may profit from the apparent vulnerability.
As a result, each type of smart contract honeypot is defined by the method used to conceal such information from users.
The third class of smart contract honeypots is built around keeping information from users. Most people who attempt to abuse software look for the simplest possible way to do so (quick wins). As a result, they might not spend enough time going through every aspect of the seemingly vulnerable smart contract, and because of this their money ends up locked in the smart contract. In this article we’ll go over four methods that deployers use to deceive users by concealing internal activity from them.
EVM-based smart contract honeypots
There is only one kind of EVM-based smart contract honeypot, called balancing disorder. To explain how this kind of smart contract honeypot functions, consider the following illustration:
```solidity
function easyMode(address addr) external payable onlyUsers {
    // msg.value has already been added to this.balance when this check runs
    if (msg.value >= this.balance) {
        addr.transfer(this.balance + msg.value);
    }
}
```
At a glance, a user will read this function as follows: if he sends more than the contract balance currently contains, whatever is in the contract plus what he provides will be returned to him. That, clearly, looks like a good offer.
What a user might overlook in this brief inspection is that the contract balance is increased by msg.value as soon as the call arrives, before the body of the function runs. This implies that, as long as the contract already holds some ether, msg.value will always be less than the contract balance, regardless of what you send. As a result, the condition will never be satisfied, and the smart contract will always retain this value.
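The following Python model is an added example, not code from the original article. It replays the `easyMode` check above with the balance credited before the body runs, and also covers the empty-contract case, where the condition passes but the transfer asks for more than the contract holds and the call reverts. Gas costs and the `onlyUsers` modifier are ignored, and the class and function names are hypothetical.

```python
class Revert(Exception):
    """The modelled call failed; every state change is rolled back."""


class EasyModeModel:
    """Constructed model of the easyMode() contract (amounts in wei)."""

    def __init__(self, balance):
        self.balance = balance

    def easy_mode(self, sender_funds, msg_value):
        """Return (sender_funds, contract_balance) after one call."""
        snapshot = (sender_funds, self.balance)
        try:
            # The EVM credits msg.value to the contract BEFORE the body runs.
            sender_funds -= msg_value
            self.balance += msg_value
            # if (msg.value >= this.balance)
            if msg_value >= self.balance:
                payout = self.balance + msg_value
                if payout > self.balance:
                    # transfer() cannot send more than the contract holds
                    raise Revert("payout exceeds contract balance")
                self.balance -= payout
                sender_funds += payout
        except Revert:
            sender_funds, self.balance = snapshot
        return sender_funds, self.balance


def best_net_gain(prior_balance, values, funds=10**20):
    """Largest profit a caller can make over all candidate msg.value amounts."""
    return max(
        EasyModeModel(prior_balance).easy_mode(funds, v)[0] - funds
        for v in values
    )
```

With any prior balance the sent ether stays locked, and with a prior balance of zero the call reverts, so `best_net_gain` never exceeds zero.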
Solidity compiler-based smart contract honeypots
As previously stated, this class of smart contract honeypots is built on in-depth knowledge of the operation of the Solidity compiler.
Inheritance Disorder Technique
In the Solidity language, and in similar programming languages, inheritance is among the most perplexing mechanisms. It contains several subtle elements that the deployer may use to deceive people and make the contract behave in an unexpected manner.
The keyword “is”, followed by the name of the other smart contract whose source code this one wants to inherit, allows a smart contract written in the Solidity programming language to use inheritance. The code of the various contracts is then copied into a single smart contract, which is then compiled.
Skip Empty String Literal
The “skip empty string literal” in the Solidity compiler is yet another tricky behavior that might not be very simple to spot. Solidity exhibits the Skip Empty String Literal problem when a function is invoked with an empty string as an argument.
When used as an argument in a function call, the encoder ignores the empty string literal “”. As a consequence, the encoding of each additional argument is shifted leftward by 32 bytes, resulting in incorrect function call data.
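The 32-byte shift can be reproduced with a small Python model, added here as an illustration and not taken from the original article. It assumes every parameter occupies one 32-byte word and that bytes read past the end of the call data are zero; the parameter names and the two addresses are constructed placeholders.

```python
WORD = 32
EMPTY_LITERAL = object()   # stands for a "" literal written directly in the call


def word(value):
    """Encode one argument as a 32-byte big-endian word."""
    if value is EMPTY_LITERAL:
        return bytes(WORD)             # a correct encoder emits 32 zero bytes
    return value.to_bytes(WORD, "big")


def encode(args, skip_empty_literal=False):
    """Concatenate the argument words; the buggy mode drops "" entirely."""
    out = b""
    for arg in args:
        if skip_empty_literal and arg is EMPTY_LITERAL:
            continue
        out += word(arg)
    return out


def decode(calldata, names):
    """Read parameters by position, as the callee does."""
    padded = calldata.ljust(WORD * len(names), b"\x00")
    return {
        name: int.from_bytes(padded[i * WORD:(i + 1) * WORD], "big")
        for i, name in enumerate(names)
    }


# Hypothetical callee signature and constructed addresses.
PARAMS = ["amount", "memo", "recipient", "owner"]
CALLER, OWNER = 0xC0FFEE, 0xDEAD


def simulate(buggy):
    """What the callee sees for payout(amount, "", caller, owner)."""
    args = [10**18, EMPTY_LITERAL, CALLER, OWNER]
    return decode(encode(args, skip_empty_literal=buggy), PARAMS)
```

In the buggy encoding the source still reads as a payment to the caller, while the callee receives the owner's address in the `recipient` position.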
Type Deduction Overflow
Thanks to a handy feature, developers can declare a variable in Solidity without specifying what type it will be. If you create a variable using the keyword “var”, the compiler will determine what type is best for it. This approach, however, can lead to a problem known as type deduction overflow.
Uninitialized Struct
A typical issue with Solidity is the uninitialized structure, which can be used to deceive users or as a vulnerability.
An uninitialized structure issue arises when a structure variable is left uninitialized upon creation. If the variable isn’t initialized within the same line as its declaration using the keyword “new”, the Solidity compiler points it to the first position of the smart contract. This means that the variable refers to the smart contract’s first variable. When the developer begins changing values in the structure variable, the value of the structure’s first element will replace the value of the contract’s first variable.
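The overwrite described above can be seen in a short Python model, added here as an illustration and not taken from the original article. Contract storage is modelled as a list of slots and the uninitialized structure as a reference to the start of that list; the guessing game, its variable names and its values are all constructed for the example.

```python
class Contract:
    """Constructed model: state variables live in numbered storage slots."""

    LAYOUT = ["secret", "prize"]          # slot 0, slot 1 (hypothetical names)
    STRUCT_FIELDS = ["player", "number"]  # struct Guess { player; number; }

    def __init__(self, secret, prize):
        self.storage = [secret, prize]

    def guess(self, player, number, initialized):
        """Record the guess in a Guess struct, then compare it with the secret."""
        if initialized:
            record = [0, 0]               # the struct has its own copy
        else:
            record = self.storage         # uninitialized: refers to slot 0
        record[0] = player                # Guess.player
        record[1] = number                # Guess.number
        return number == self.storage[0]  # number == secret ?


def overwritten(secret, prize, player, number, initialized):
    """Return (won, names of state variables changed by recording the guess)."""
    contract = Contract(secret, prize)
    won = contract.guess(player, number, initialized)
    changed = [
        name
        for name, old, new in zip(Contract.LAYOUT, (secret, prize), contract.storage)
        if old != new
    ]
    return won, changed
```

A user who reads the secret from the contract's state and submits it still loses, because recording the guess has already replaced the secret with the player's own value.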
Etherscan-based smart contract honeypots
All of the smart contracts we have seen so far take advantage of the user’s limited proficiency in the language. Here, however, the deployer takes advantage of certain Etherscan features and capabilities to conceal significant information and mislead readers.
Hidden State Update
The Etherscan platform helps programmers and any other user of the Ethereum blockchain to track their transactions or debug their smart contracts. It displays user transactions as well as the internal messages handled by smart contracts. However, it does not display internal messages with empty values. Smart contract honeypot deployers exploit this behavior to trick users and change the smart contract’s behavior.
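When reviewing a contract's history, the internal messages that such a view leaves out can be listed from a full call trace. The Python sketch below is an added example, not part of the original article. It takes “empty value” to mean a message that carries zero ether and assumes a nested trace with `type`, `from`, `to`, `value`, `input` and `calls` fields; the sample trace and its addresses are constructed.

```python
# Constructed sample trace of one transaction sent to a contract under review.
SAMPLE_TRACE = {
    "type": "CALL", "from": "0xuser", "to": "0xgame",
    "value": "0xde0b6b3a7640000", "input": "0x11111111",
    "calls": [
        {"type": "CALL", "from": "0xgame", "to": "0xhelper",
         "value": "0x0", "input": "0x22222222",
         "calls": [
             {"type": "CALL", "from": "0xhelper", "to": "0xgame",
              "value": "0x0", "input": "0x33333333"},
         ]},
        {"type": "STATICCALL", "from": "0xgame", "to": "0xoracle",
         "input": "0x44444444"},
        {"type": "CALL", "from": "0xgame", "to": "0xuser",
         "value": "0x1", "input": "0x"},
    ],
}


def hidden_internal_calls(call, depth=0):
    """List internal messages (depth >= 1) that move no ether but can change state."""
    found = []
    value = int(call.get("value", "0x0"), 16)
    # STATICCALL is read-only, so it cannot hide a state update.
    if depth > 0 and value == 0 and call["type"] != "STATICCALL":
        found.append({
            "depth": depth,
            "from": call["from"],
            "to": call["to"],
            "selector": call.get("input", "0x")[:10],
        })
    for child in call.get("calls", []):
        found.extend(hidden_internal_calls(child, depth + 1))
    return found


def touches(trace, contract):
    """Zero-value internal messages that are delivered to the given contract."""
    return [c for c in hidden_internal_calls(trace) if c["to"] == contract]
```

Any entry returned by `touches` for the contract under review is a state-changing call that a view limited to value-carrying messages would not show.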
Straw Man Agreement
This tactic is based on displaying a contract’s code that isn’t really the one that is employed by the contract. For instance, the deployer might create a contract that needs a different library and initializes the address of that library either when the contract is deployed or by executing a certain function.
Unfortunately, this is a really cunning honeypot and a very challenging one for a user to figure out. To identify the problem, the user should check the addresses of the deployed smart contract, as well as the various transactions and data sent to the contract. Additionally, even if the user attempts to verify this smart contract in a separate contract, he will be using the attacker’s smart contract code and will observe regular behavior, which makes the problem even harder to identify.
Originally published at https://www.linkedin.com.