Solidity Security

Development

Solidity is the primary language for Ethereum smart contracts. Understanding its quirks and common vulnerabilities is essential for security auditing.

Common Vulnerability Patterns

solidity-patterns.sol

solidity

// VULNERABLE: tx.origin for authentication
function withdraw() public &#123;
    require(tx.origin == owner);  // Can be phished!
    payable(msg.sender).transfer(address(this).balance);
&#125;

// SECURE: Use msg.sender
function withdraw() public &#123;
    require(msg.sender == owner);
    payable(msg.sender).transfer(address(this).balance);
&#125;

// VULNERABLE: Unchecked return value
function transfer(address to, uint amount) public &#123;
    token.transfer(to, amount);  // Might fail silently
&#125;

// SECURE: Check return value or use SafeERC20
function transfer(address to, uint amount) public &#123;
    require(token.transfer(to, amount), "Transfer failed");
&#125;

// VULNERABLE: Delegatecall to user-controlled address
function execute(address target, bytes calldata data) public &#123;
    target.delegatecall(data);  // Target can modify storage
&#125;

Static Analysis with Slither

slither-analysis.sh

bash

# Run Slither on contract
slither contracts/MyContract.sol

# Output to JSON for further processing
slither contracts/ --json output.json

# Check specific detector
slither . --detect reentrancy-eth

# Common findings:
# - reentrancy-eth (high severity)
# - uninitialized-state
# - arbitrary-send
# - controlled-delegatecall
# - unchecked-transfer

# Integrate with CI/CD
slither . --fail-pedantic

Solidity Security

Common Vulnerability Patterns

Static Analysis with Slither

Related Topics

Fundamentals

Reentrancy