Intra-update Sniping Vulnerabilities in Smart Contracts
Smart contracts (SCs) are documents that automatically execute an agreement between users as defined by code. The contract is distributed across a decentralized blockchain network, such as Ethereum and are irreversible and require no assumption of trust in a third party. SCs have spawned a variety of new decentralized applications – “DApps” – including games, marketplaces, financial platforms, and tokens. Creating DApps requires configuring multiple SCs together, for example having one SC handle authentication, one SC for transaction, and another for traceable computation. We can imagine various SCs as modular pieces in a larger application: one contract can authenticate the user, one contract keeps track of public info, one contract receives messages, and so on. So far, most DApp configurations are relatively small, consisting of only a few interlocked contracts, similar to the early days of cloud computing, where there were few resource types available (e.g. AWS started with just the EC2 and S3 services). However, just as cloud computing has grown in complexity (AWS now offers more than 200 different cloud services), we predict DApp configurations will grow in complexity as the applications space continues to grow.
Just as we anticipate the growth of SCs to mirror the growth experienced in cloud infrastructure in terms of impact, adoption, and complexity, we also expect similar issues to arise in issues of security. We specifically focus on Intraupdate Sniping Vulnerabilities, as described by Lepiller et al. These vulnerabilities arise in the management of cloud resource configuration files (e.g. AWS Cloudformation or Terraform) for cloud resources. An intraupdate sniping vulnerabilities describes a situation that occurs during the upgrade process from one cloud resource configuration to another. Even if both the initial configuration, ConfigA , and target configuration, ConfigB , are secure, an intermediate state that occurs during the upgrade process may be insecure relative toConfigA and ConfigB . In the context of SCs this vulnerability may arise with the use of proxy contracts.
Mon 18 OctDisplayed time zone: Central Time (US & Canada) change
10:50 - 12:10
|Analyzing Infrastructure as Code to Prevent Intra-update Sniping Vulnerabilities|
Julien Lepiller Yale UniversityMedia Attached
|Continuous Configuration Testing|
Tianyin Xu University of Illinois at Urbana-ChampaignMedia Attached
|Intra-update Sniping Vulnerabilities in Smart Contracts|
Mark Santolucito Barnard College, Columbia University, USA, Shmuel Berman Columbia University, Brennen Yu Columbia University, USA, Stella LesslerMedia Attached
|Local Expectation Testing for Terraform|
|Scuemata: A Framework for Evolvable, Composable Data Schema|
Sam Boyer Grafana LabsMedia Attached
|Configuration management: Q&A and discussion|