(Not So) Smart Cosmos

This repository contains examples of common Cosmos applications vulnerabilities, including code from real applications. Use Not So Smart Cosmos to learn about Cosmos (Tendermint) vulnerabilities, as a reference when performing security reviews, and as a benchmark for security and analysis tools.

Features

Each Not So Smart Cosmos includes a standard set of information:

  • Description of the vulnerability type
  • Attack scenarios to exploit the vulnerability
  • Recommendations to eliminate or mitigate the vulnerability
  • Real-world contracts that exhibit the flaw
  • References to third-party resources with more information

Vulnerabilities

Not So Smart ContractDescription
Incorrect signersBroken access controls due to incorrect signers validation
Non-determinismConsensus failure because of non-determinism
Not prioritized messagesRisks arising from usage of not prioritized message types
Slow ABCI methodsConsensus failure because of slow ABCI methods
ABCI methods panicChain halt due to panics in ABCI methods
Broken bookkeepingExploit mismatch between different modules' views on balances
Rounding errorsBugs related to imprecision of finite precision arithmetic
Unregistered message handlerBroken functionality because of unregistered msg handler
Missing error handlerMissing error handling leads to successful execution of a transaction that should have failed

Credits

These examples are developed and maintained by Trail of Bits.

If you have questions, problems, or just want to learn more, then join the #ethereum channel on the Empire Hacking Slack or contact us directly.