Boesin’s Analysis of the Fix Code on Poly Network Smart Contracts
Beosin has completed the analysis of the fix code of PolyNetwork Smart Contracts attacked on August 10(link to fix code: https://github.com/polynetwork/eth-contracts/pull/12/files). This code can repair contract-level vulnerabilities by adding a whitelist of contracts and function names.
The specific repair is as follows.
1 At EthCrossChainManager contract deployment, three white lists are initialized: whiteListFromContract, whiteListToContract, and whiteListMethod. where.
whiteListFromContract is used to specify which contracts can call the crossChain function, and crossChain events are triggered in the crossChain function.
whiteListToContract whitelist specifies the list of allowed target contracts when performing cross-chain transactions, which will only contain LockProxy contract addresses upon confirmation with the project owner.
whiteListMethod is used to specify the functions that can be called for cross-chain transactions. After confirming with the project, this whitelist will only contain the unlock function.
2. Check the corresponding whitelist before executing the function
Summary:
The fix code strictly restricts the target contracts that can be called by cross-chain messages and the functions that can be called, avoiding the problem of EthCrossChainManager being controlled by attackers at the contract level and calling sensitive functions such as putCurEpochConPubKeyBytes of the EthCrossChainData contract.
