Detectors related to improper usage of Oracle APIs #2283

Open
talfao opened this issue Jan 27, 2024 · 4 comments
Labels
enhancement New feature or request


talfao commented Jan 27, 2024

Describe the desired feature

Hello folks,

I am working on a bachelor's thesis related to smart contract security. My goal is to use static analysis to detect improper usage of Oracle APIs and, therefore, prevent possible vulnerabilities. I have created a few detectors in Slither, currently focusing on Chainlink data validation. I plan to support other Oracles and generalise the detectors, if possible.

The code is available here (it's a clone, not a fork of Slither at the moment): repository. To see what gets detected, you can check the tests. For example, when calling priceFeed.latestRoundData(), the returned price should be checked:

    (
        uint80 roundID,
        int256 price,
        ,
        uint256 updatedAt,
        uint80 answeredInRound
    ) = priceFeedDAIETH.latestRoundData();

    // price_check is a project-defined helper (not shown) that validates the answer
    require(price_check(price));
    // staleness check: block.timestamp is never below updatedAt, so subtract in this order
    // (the reverse order underflows and reverts under Solidity 0.8 checked arithmetic)
    require(block.timestamp - updatedAt < 500);
    // the answer must not be carried over from an earlier round; on a fresh round both ids are equal
    require(answeredInRound >= roundID);

Omitting such a check can lead to potentially serious issues if the oracles provide incorrect data. The detector checks whether the price-check is present.

Would you be interested in such a type of detector in Slither? It does not detect Solidity/Vyper syntax-related bugs but could be a valuable detector anyway. Maybe running such a detector could be hidden behind a feature flag.

I am looking forward to hearing any feedback from you on both the code and the idea of such detectors. Also, I am more than happy to improve/refactor the code to fit Slither better.

Cheers, Talfao
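As an added illustration (not code from the issue's repository or from Slither itself), a small text-based approximation of the detector's logic in Python: it locates `latestRoundData()` call sites, records which tuple outputs are bound to variables, and reports any `answer`, `updatedAt` or `answeredInRound` output that is discarded or never appears in a following `require`/`if` guard. A real Slither detector works on SlithIR rather than regexes; the two sample contracts and the `feed` variable are constructed for the example.

```python
import re
# Positional fields of the tuple returned by AggregatorV3Interface.latestRoundData()
ROUND_FIELDS = ("roundId", "answer", "startedAt", "updatedAt", "answeredInRound")
# Fields a consumer should validate before trusting the answer (cf. the issue's example)
MUST_CHECK = {"answer", "updatedAt", "answeredInRound"}

# Constructed sample: Safe guards everything, Partial only sanity-checks the price
SAMPLE_SOL = """
contract Safe {
    function getPrice() external view returns (int256) {
        (uint80 roundID, int256 price, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();
        require(price_check(price));
        require(block.timestamp - updatedAt < 500);
        require(answeredInRound >= roundID);
        return price;
    }
}
contract Partial {
    function getPrice() external view returns (int256) {
        (, int256 price, , uint256 updatedAt, ) = feed.latestRoundData();
        if (price <= 0) { revert("bad price"); }
        return price;
    }
}
"""

def _brace_block(src, start):
    """Text between the first '{' at/after start and its matching '}' (toy parser)."""
    i = src.index("{", start)
    depth = 0
    for j in range(i, len(src)):
        depth += {"{": 1, "}": -1}.get(src[j], 0)
        if depth == 0:
            return src[i + 1:j]
    raise ValueError("unbalanced braces")

def find_unchecked_round_data(src):
    """Return (contract, function, [unchecked fields]) for each latestRoundData() call site."""
    findings = []
    for f in re.finditer(r"function\s+(\w+)\s*\(", src):
        contract = (re.findall(r"contract\s+(\w+)", src[:f.start()]) or ["?"])[-1]
        body = _brace_block(src, f.end())
        for m in re.finditer(r"\(([^)]*)\)\s*=\s*[\w.]+\.latestRoundData\(\)\s*;", body):
            # Conditions of every require(...) / if (...) that follows the call
            guards = " ".join(re.findall(r"(?:require|if)\s*\((.*?)\)\s*[;{]", body[m.end():], re.S))
            bound = [d.split()[-1] if d.strip() else None for d in m.group(1).split(",")]  # None = discarded
            unchecked = [n for n, v in zip(ROUND_FIELDS, bound)
                         if n in MUST_CHECK and (v is None or not re.search(rf"\b{v}\b", guards))]
            if unchecked:
                findings.append((contract, f.group(1), unchecked))
    return findings
```

Running it on `SAMPLE_SOL` flags only `Partial.getPrice`, which never checks freshness (`updatedAt`) and discards `answeredInRound`.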

@talfao talfao added the enhancement New feature or request label Jan 27, 2024
0xalpharush (Contributor) commented

Really great work @talfao! I think we're interested in upstreaming these. Would you make a PR and add the tests according to our guidelines (let me know if I can help or answer any questions) please? Then, I can do a more thorough review in the PR.


talfao commented Feb 4, 2024

Hello @0xalpharush,

Thanks for the quick answer. That is great news. I will create a PR soon.


talfao commented Feb 22, 2024

Hello @0xalpharush,

The PR #2289 was created. I would be glad to receive any feedback on the detector. However, I still have some features in my backlog and will improve the overall detection soon.

Talfao


talfao commented Mar 18, 2024

Hello @0xalpharush,

I have already pushed improvements and fixed some issues after evaluation on several contracts.

From my perspective, the PR is ready for review. I am looking forward to your feedback.

Thank you.
Talfao
