A Transaction Origin attack is a type of phishing attack that could dry up all the funds from a contract. The tx.origin global variable in Solidity will return the account address that starts a transaction. A caller account that is external is required for a transaction to be initiated on the Ethereum blockchain.The accounts that are not on smart contracts on the blockchain are called Externally Owned Accounts (EOA). An EOA is, for example, the account linked to your wallet.
Tx.origin is a valuable variable for determining which Externally Owned Accounts (EOAs) started a transaction. For instance, you can use the tx.origin global variable to determine which address initiated a call to the contract you own. This could be useful if you decided to permit or reject specific address access to the contract. You can also use tx.origin along with a counter to maintain the count of the number of times an Externally Owned Account (EOA) engages with the smart contract.
Vulnerability with tx.origin
The purpose of tx.origin is to identify who initiated the transaction. However, as we will see shortly, this can be ambiguous and exposes contracts to the risk of being misused if not utilized with caution.
Consider the following simple Example contract; the comments will assist you in understanding the working of the smart contract:
contract Example {
address public owner;
// my deployer is to be set as my owner:
constructor() payable {
owner = msg.sender;
}
//If the initiator of the transaction
// is the one who owns this smart contract,
// transfer Eth about any address _to via the transfer function
function transfer(address payable _to, uint _amount) public {
require(tx.origin == owner);
(bool sent, ) = _to.call{value: _amount}("");
require(sent, "Failed to send Ether");
}
}As a result, the contract will only transfer Eth to an individual if the owner is the initiator of the transaction through which the transfer function is called. Isn’t that right? But here is the catch. Any intermediary smart contract can also call the transfer function and misuse the transaction initiated by the rightful owner.
Let us illustrate using an example. Assume the owner transfers some Eth to a suspicious smart contract. Or a scam function is called by them on a smart contract by mistake. In its procedure, that smart contract could therefore call the wallet contract’s transfer function to invade the funds. The authentication will succeed since the transaction’s initiator is the rightful owner, even if he does not desire the transfer to occur.
Here’s an example of a smart contract that has the potential to steal money from the wallet of the owner if he or she engages with it:
// To steal the funds:
// Make the Owner of Wallet call this function:
function attack() public {
// Transfer Wallet's funds to the hacker
wallet.transfer(hacker, address(wallet).balance);
}
// Or make the owner send some Eth to this contract's address
// which will trigger fallback() like this:
fallback() payable {
// Transfer Wallet's funds to the hacker
wallet.transfer(hacker, address(wallet).balance);
}Prevention
Avoiding using the for personal authentication is indeed the best method to stop TX Origin attacks. It is best to use rather.
Join our beta program now https://www.olympix.ai/
Originally published at https://www.linkedin.com.
