Smart Contract Vulnerability - DoS with Block Gas Limit

1. DoS with Block Gas Limit
2. One of the primary benefits of a block gas limit is that it prevents attackers from creating an infinite transaction loop. If the gas usage of a transaction exceeds this limit, the transaction will fail. However, along with this benefit comes a side effect which is important to understand.
3.  
4. Unbounded Operations
5. An example in which the block gas limit can be an issue is in executing logic in an unbounded loop. Even without any malicious intent, this can easily go wrong. Just by e.g., having too large an array of users to send funds to can exceed the gas limit and prevent the transaction from ever succeeding, potentially permanently locking up funds.
6.  
7. This situation can also lead to an attack. Say a bad actor decides to create a significant amount of addresses, with each address being paid a small amount of funds from the smart contract. If done effectively, the transaction can be blocked indefinitely, possibly even preventing further transactions from going through.
8.  
9. An effective solution to this problem would be to use a pull payment system over the above push payment system. To do this, separate each payment into its transaction, and have the recipient call the function.
10.  
11. If, for some reason, you need to loop through an array of unspecified length, at least expect it to potentially take multiple blocks, and allow it to be performed in multiple transactions - as seen in this example:
12.  
13. struct Payee {
14.     address addr;
15.     uint256 value;
16. }
17.  
18. Payee[] payees;
19. uint256 nextPayeeIndex;
20.  
21. function payOut() {
22.     uint256 i = nextPayeeIndex;
23.     while (i < payees.length && msg.gas > 200000) {
24.       payees[i].addr.send(payees[i].value);
25.       i++;
26.     }
27.     nextPayeeIndex = i;
28. }
29.  
30. Block Stuffing
31. In some situations, your contract can be attacked with a block gas limit even if you don't loop through an array of unspecified lengths. An attacker can fill several blocks before a transaction can be processed by using a sufficiently high gas price.
32.  
33. This attack is done by issuing several transactions at a very high gas price. If the gas price is high enough, and the transactions consume enough gas, they can fill entire blocks and prevent other transactions from being processed.
34.  
35. Ethereum transactions require the sender to pay gas to disincentivize spam attacks, but in some situations, there can be enough incentive to go through with such an attack. For example, a block stuffing attack was used on a gambling Dapp, Fomo3D. The app had a countdown timer, and users could win a jackpot by being the last to purchase a key, except every time a user bought a key, the timer would be extended. An attacker bought a key and then stuffed the next 13 blocks in a row so they could win the jackpot.
36.  
37. To prevent such attacks from occurring, it's important to carefully consider whether it's safe to incorporate time-based actions in your application.
38.  
39. Example from: https://consensys.github.io/smart-contract-best-practices/attacks/denial-of-service/
40.  
41. Sources
42. https://consensys.github.io/smart-contract-best-practices/attacks/denial-of-service/
43. https://github.com/ethereum/wiki/wiki/Design-Rationale#gas-and-fees