Awesome Buggy ERC20 Tokens

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

Read the docs in Chinese: https://github.com/sec-bit/awesome-buggy-erc20-tokens/blob/master/README_CN.md

Disclaimers

This repo is aimed to notify the community of development security by collecting reported smart contract issues
This repo collects all info from public resources and part of analysis is generated by script along with manual checking
This repo might not be perfectly accurate, please contact us or submit a pull request when you find something wrong
This repo contains no unreported issue
This repo might have duplicate names with popular projects, please do not over-decipher this
This repo includes some Token contracts without vulnerabilities, while they fail to satisfy specifications
This repo has a few problematic Token contracts that have already been fixed properly

Navigation

Visit bad_tokens.all.csv for a summary of all Token contracts affected
Visit bad_tokens.top.csv for a summary of top ranking Token contracts affected
Visit ERC20_token_issue_list.md for a detailed description of all bugs and Token contracts affected
Visit 'How to contribute' if you find a mistake or anything missed in this repo

Recent Updates

Problems in ERC20 Token Contracts

ERC20 standard is one of the most popular Ethereum token standards [1]. As of June 26th, 2018, more than 95,000 ERC20 token smart contracts have been deployed according to statistics from Etherscan. Here is a daily trend chart of ERC20 contracts created according to our statistics:

Security Incidents in Smart Contracts

ERC20 Token specification has gone through challenges and improvements during its growth. Lots of critical security issues have been revealed, some of which have led to severe financial losses [2-11] for developers, investors, even Ethereum community as well.

On June 18th, 2016, the DAO hack caused a total loss of over 3,600,000 ethers(ETH) worth over a billion dollars, and the Ethereum hard-fork afterwards led to the Ethereum community breaking apart [2].

On April 22th, 2018, the attack on BeautyChain(BEC) contract hardly decreased the token price to zero via pouring astronomical tokens to exchanges through an integer overflow [3]. There are 10 other contracts at least containing this problem.

On April 25th, 2018, a similar integer overflow got uncovered in SMT. Hackers minted and dumped a tremendous amount of tokens, resulting in SMT's collapse [4]. There is one other contract at least containing this problem.

On May 20th, 2018, a critical logical flaw was found in EDU along with other three Token contracts (CVE-2018–11397, CVE-2018–11398), causing that users' balances could be transferred out randomly [5]. After further analysis, we caught this bug in at least 81 contracts [6].

On June 12, 2018, a series of overflow bug in ERC20 smart contracts got uncovered (CVE-2018-11687, CVE-2018-11809, CVE-2018-11810, CVE-2018-11811, CVE-2018-11812) [7]. We have revealed more than 800 contracts with the same problem after scanning over 20,000 contracts deployed on Etherscan [8].

Failure of Satisfying Specification in Many ERC20 contracts

Lots of ERC20 token contracts do not follow the ERC20 standard strictly, which is troublesome to developers of DApps on ERC20 tokens [12-14].

Thousands of deployed Token contracts referred to incorrect example code on Ethereum official website and OpenZeppelin, resulting in several functions failing to meet ERC20 standard. After upgrading Solidity compiler to 0.4.22, incompatibilities would arise and these contracts could not perform normal transactions on decentralized exchanges (DEX) or DApp in most cases [12], whereas a majority of DApp developing teams were off guard and unaware of such a problem.

Several Token contracts added redundant checks in standard approve(), requiring that the approved _amount smaller or equal to the current balance. However, it makes DEX employing protocols like 0x hard to finish approve() in advance, asking the Token developing team transfer a huge amount of tokens to the exchange's intermediate account ahead which violates the target of employing ERC20 standard and brings about inconvenience.

Since it is defined optional to set common querying interfaces like name(), symbol() and decimals() in ERC20 specification [1], many Token contracts left them out or named them differently, such as NAME(), SYMBOL() and DECIMALS(), making it harder for DEX and DApp developing.

Another point worth mentioning is that two events - Transfer and Approval should get fired under certain circumstances described by ERC20 specification [1]. In fact, many Token contracts left out Approval event referring to Ethereum official website [14]. This omission causes great difficulty for developers listening to relevant events, undermining the development of DApp ecosystem.

One Solution: Collecting Buggy Token Contracts

Statistical summaries from security organizations and experts indicate that critical vulnerabilities are hiding in smart contracts, taking the 'TOP 10 in 2018' by NCC group [15] as an example:

Reentrancy
Access Control
Integer Overflow
Unchecked Return Values For Low Level Calls
Denial of Service
Bad Randomness
Front-Running
Time manipulation
Short Address Attack
Unknown Unknowns

This might be just the tip of an iceberg. Recent research together with the aforementioned point of view state clearly that the scale of problems in smart contracts deployed on Ethereum may go beyond our imagination.

We made a collection of past bugs and vulnerabilities, including:

vulnerabilities in Token contracts
incompatibilities due to inconsistency with ERC20
excessive authorities of Token administrators [16]

Why This Repo?

There are many projects in Ethereum community contributing to the ecosystem of smart contracts, such as 'A guide to smart contract security best practices' [17] maintained by Consensys and 'OpenZeppelin, a framework to build secure smart contracts on Ethereum' [18] developed by OpenZeppelin.

Also, we found the fact that a majority of issues in buggy Token contracts come from referring, copying and modifying others' code without caution. Also, using incorrect sample code is an origin of bugs. It is difficult for beginners and developers of smart contracts to determine whether a contract snippet from main net contains bugs and identify these issues in seconds.

We would maintain this collection to:

provide a reference and learning materials of common bugs in ERC20 token contracts
help ERC20 token contract developers to develop correct and secure contracts
notice DApp developers of incompatible/buggy/vulnerable ERC20 token contracts
warn exchanges and investors of potential risks in incompatible/buggy/insecure ERC20 tokens

What We Collect?

Descriptions of common vulnerabilities
List of deployed buggy token contracts
List of nonstandard token contracts

Repo Structure

awesome-buggy-erc20-tokens
├── token_dict.json
├── token_detail_dict.json
├── ERC20_token_issue_list_CN.md
├── issues.json
├── bad_tokens.all.csv
├── bad_tokens.all.json
├── bad_tokens.top.csv
├── bad_tokens.top.json
├── raw/
├── csv/
├── json/
├── gen_token_detail_dict.py
└── gen_list_from_raw.py

token_dict.json lists addresses and basic info of ERC20 contracts collected by CoinMarketCap
token_detail_dict.json lists addresses and detailed info of ERC20 contracts collected by CoinMarketCap
ERC20_token_issue_list.md lists detailed descriptions of known bugs.
issues.json maps between known bugs and indexes.
bad_tokens.all.csv along with bad_tokens.all.json are lists of all buggy Token contracts in CSV and JSON formats.
bad_tokens.top.csv along with bad_tokens.top.json are lists of top ranking buggy Token contracts in CSV and JSON formats.
raw/, csv/ and json/ list all known bugs and addresses of affected contracts in formats of plain text, CSV and JSON.
gen_token_detail_dict.py is a script to update token_detail_dict.json
gen_list_from_raw.py is a script to generate .csv and .json lists above.

As shown below, lists in CSV and JSON help developers to browse and search for addresses of given contracts with reported vulnerabilities.

addr,category,name,symbol,exchanges,totalSupply,decimals,info
0x014B50466590340D41307Cc54DCee990c8D58aa8,[B6],ICOS,ICOS,@HitBTC@Tidex,560417,6,_
0x093e5C256Ff8B32c7F1377f4C20e331674C77F00,[A2],Dignity,DIG,@Livecoin,3000000000,8,_

{
    "0x014B50466590340D41307Cc54DCee990c8D58aa8": {
        "decimals": 6,
        "exchanges": [
            "HitBTC",
            "Tidex"
        ],
        "info": "_",
        "issues": {
            "no-symbol": true
        },
        "name": "ICOS",
        "rank": 316,
        "symbol": "ICOS",
        "totalSupply": 560417
    },
    "0x093e5C256Ff8B32c7F1377f4C20e331674C77F00": {
        "decimals": 8,
        "exchanges": [
            "Livecoin"
        ],
        "info": "_",
        "issues": {
            "totalsupply-overflow": true
        },
        "name": "Dignity",
        "rank": 613,
        "symbol": "DIG",
        "totalSupply": 3000000000
    }
}

How to Contribute

We hope this collection can contribute to the Ethereum ecosystem by maintaining and updating in a long period and definitely welcome contributions to this collection.

For now we only maintain detailed information of token contracts (totalSupply, decimals, exchanges) that have market caps on CoinMarketCap. If you find any other incompatible/buggy/vulnerable ERC20 token contracts, please update token_dict.json and run script gen_token_detail_dict.py.

If you find other bugs not listed in this collection, please update in the following process.

Add the name and description of the bug with reference to ERC20_token_issue_list.md
Create a new file with the bug name in raw directory and fill in the address of affected contracts
Add the name and index of the new bug to issues.json
Run python3 gen_list_from_raw.py -i raw/* -o bad_tokens in the repo root
Check the update and send us a pull request

If you have any questions or ideas, please join our discussion on Gitter.

TODO

Add more 'Excessive Authorities' issues:
- Minting tokens
- Setting trading price
- Manipulate other accounts

Technical Partnership

References

[1] ERC-20 Token Standard, Nov 19, 2015
[2] Understanding The DAO Hack for Journalists, Jun 19, 2016
[3] A disastrous vulnerability found in smart contracts of BeautyChain (BEC), Apr 23, 2018
[4] SmartMesh Announcement on Ethereum Smart Contract Overflow Vulnerability
[5] SECBIT: 智能合约红色预警：四个Token惊爆逻辑漏洞，归零风险或源于代码复制, May 24, 2018
[6] SECBIT: 围观！81个智能合约惊现同一漏洞，是巧合？还是另有玄机？, Jun 3, 2018
[7] Tsinghua-360 Research Center of Enterprise Security: ERC20智能合约整数溢出系列漏洞披露, Jun 12, 2018
[8] ChainDD: 【得得预警】ERC20智能合约又现大量整数溢出漏洞, Jun 12, 2018
[9] Alert! Another integer overflow vulnerability just found in HXG smart contract, May 19, 2018
[10] UselessEthereumToken(UET), ERC20 token, allows attackers to steal all victim’s balances (CVE-2018–10468), May 3, 2018
[11] Bugged Smart Contract FuturXE: How Could Someone Mess up with Boolean? (CVE-2018–12025), Jun 6, 2018
[12] An Incompatibility in Ethereum Smart Contract Threatening dApp Ecosystem, Jun 8, 2018
[13] Redundant Check in ERC20 Smart Contracts’ approve(), Jun 15, 2018
[14] token-erc20: add event Approval to follow eip20
[15] DASP - Top 10 of 2018
[16] PeckShield: Highly-Manipulatable ERC20 Tokens Identified in Multiple Top Exchanges, Jun 9, 2018
[17] A guide to smart contract security best practices
[18] OpenZeppelin, a framework to build secure smart contracts on Ethereum
[19] 360 0KEE Team: 以太坊智能合约Hexagon存在溢出漏洞, May 18, 2018
[20] SlowMist：ATN 披露特殊场景下的以太坊合约重大漏洞, Jun 20, 2018
[21] BCSEC: 一些智能合约存在笔误，一个字母可造成代币千万市值蒸发！, Jun 22, 2018
[22] LianAn：小心！智能合约再爆高危漏洞，两大加密货币直接变废纸！, Jun 6, 2018
[23] PeckShield: New allowAnyone Bug Identified in Multiple ERC20 Smart Contracts, May 23, 2018

sec-bit/awesome-buggy-erc20-tokens

sec-bit

Reviews

Repository Details