Smart Contract Vulnerability - DoS with (Unexpected) revert

1. DoS with (Unexpected) revert
2. A DoS (Denial of Service) may be caused when logic is unable to be executed as a result of an unexpected revert. This can happen for several reasons and it's important to consider all how your logic may revert. The examples listed below are non-exhaustive.
3.  
4. Reverting funds transfer
5. DoS (Denial of Service) attacks can occur in functions when you try to send funds to a user and the functionality relies on that fund transfer being successful.
6.  
7. This can be problematic in the case that the funds are sent to a smart contract created by a bad actor since they can simply create a fallback function that reverts all payments.
8.  
9. For example:
10.  
11. // INSECURE
12. contract Auction {
13.     address currentLeader;
14.     uint highestBid;
15.  
16.     function bid() payable {
17.         require(msg.value > highestBid);
18.  
19.         require(currentLeader.send(highestBid)); // Refund the old leader, if it fails then revert
20.  
21.         currentLeader = msg.sender;
22.         highestBid = msg.value;
23.     }
24. }
25.  
26. As you can see in this example, if an attacker bids from a smart contract with a fallback function reverting all payments, they can never be refunded, and thus no one can ever make a higher bid.
27.  
28. This can also be problematic without an attacker present. For example, you may want to pay an array of users by iterating through the array, and of course, you would want to make sure each user is properly paid. The problem here is that if one payment fails, the function is reverted and no one is paid.
29.  
30. address[] private refundAddresses;
31. mapping (address => uint) public refunds;
32.  
33. // bad
34. function refundAll() public {
35.     for(uint x; x < refundAddresses.length; x++) { // arbitrary length iteration based on how many addresses participated
36.         require(refundAddresses[x].send(refunds[refundAddresses[x]])) // doubly bad, now a single failure on send will hold up all funds
37.     }
38. }
39.  
40. An effective solution to this problem would be to use a pull payment system over the above push payment system. To do this, separate each payment into its transaction, and have the recipient call the function.
41.  
42. contract auction {
43.     address highestBidder;
44.     uint highestBid;
45.     mapping(address => uint) refunds;
46.  
47.     function bid() payable external {
48.         require(msg.value >= highestBid);
49.  
50.         if (highestBidder != address(0)) {
51.             refunds[highestBidder] += highestBid; // record the refund that this user can claim
52.         }
53.  
54.         highestBidder = msg.sender;
55.         highestBid = msg.value;
56.     }
57.  
58.     function withdrawRefund() external {
59.         uint refund = refunds[msg.sender];
60.         refunds[msg.sender] = 0;
61.         (bool success, ) = msg.sender.call.value(refund)("");
62.         require(success);
63.     }
64. }
65.  
66. Examples from: https://consensys.github.io/smart-contract-best-practices/attacks/denial-of-service/ https://consensys.github.io/smart-contract-best-practices/development-recommendations/general/external-calls/
67.  
68. Over/Underflow
69. Before SafeMath usage, whether built-in in solidity >=0.8.0 or using a library, over/underflows would result in rolling over to the minimum/maximum value. Now that checked math is commonplace, it's important to recognize that the effect of checked under/overflows is a revert, which may DoS important logic.
70.  
71. Regardless of the usage of checked math, it's necessary to ensure that any valid input will not result in an over/underflow. Take extra care when working with smaller integers e.g. int8/uint8, int16/uint16, int24/uint24, etc...
72.  
73. Unexpected Balance
74. It's important to take caution in enforcing expected contract balances of tokens or Ether as those balances may be increased by an attacker to cause an unexpected revert. This is easily possible with ERC20 tokens by simply transferring to the contract but is also possible with Ether by Forcibly sending Ether to a contract.
75.  
76. Consider, for example, a contract that expects the Ether balance to be 0 for the first deposit to allow for custom accounting logic. An attacker may forcibly send Ether to the contract before the first deposit, causing all deposits to revert.
77.  
78. Sources
79. https://consensys.github.io/smart-contract-best-practices/attacks/denial-of-service/
80. https://consensys.github.io/smart-contract-best-practices/development-recommendations/general/external-calls/