Description
Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Prior to 17.0.0, there is a way to mint arbitrary tokens due to the possibility to have two different states not in sync during the execution of a transaction. The exploit is based on the fact that to sync the Cosmos SDK state and the EVM one, we rely on the `stateDB.Commit()` method. When we call this method, we iterate though all the `dirtyStorage` and, **if and only if** it is different than the `originStorage`, we set the new state. Setting the new state means we update the Cosmos SDK KVStore. If a contract storage state that is the same before and after a transaction, but is changed during the transaction and can call an external contract after the change, it can be exploited to make the transaction similar to non-atomic. The vulnerability is **critical** since this could lead to drain of funds through creative SC interactions. The issue has been patched in versions >=V17.0.0.
EPSS Score:
1%
Comprehensive Technical Analysis of EUVD-2024-1080
1. Vulnerability Assessment and Severity Evaluation
Vulnerability Description:
EUVD-2024-1080 affects Evmos, a scalable, high-throughput Proof-of-Stake (PoS) EVM blockchain compatible with Ethereum. The vulnerability arises from a synchronization issue between the Cosmos SDK state and the EVM state during transaction execution. Specifically, the stateDB.Commit() method, which iterates through dirtyStorage, only updates the Cosmos SDK KVStore if the dirtyStorage differs from the originStorage. This can lead to non-atomic transactions if a contract storage state is changed during a transaction but remains the same before and after the transaction.
Severity Evaluation:
The vulnerability is classified as critical with a CVSS base score of 9.1. The CVSS vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H indicates:
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): High (H)
- Availability (A): High (H)
The high integrity and availability impact, combined with the low complexity and lack of required privileges, underscore the critical nature of this vulnerability.
2. Potential Attack Vectors and Exploitation Methods
Attack Vectors:
- Token Minting: An attacker could exploit the vulnerability to mint arbitrary tokens by manipulating the state during a transaction.
- Fund Draining: Creative smart contract (SC) interactions could be used to drain funds from vulnerable contracts.
- Non-Atomic Transactions: The ability to create non-atomic transactions could lead to inconsistent states, enabling various forms of financial exploitation.
Exploitation Methods:
- State Manipulation: By carefully crafting transactions that change the contract storage state during execution but revert it back to the original state, an attacker can bypass the synchronization check.
- External Contract Calls: An attacker could call external contracts after changing the state, exploiting the non-atomic nature of the transaction to manipulate the blockchain state.
3. Affected Systems and Software Versions
Affected Systems:
- Evmos blockchain versions prior to 17.0.0.
Software Versions:
- All versions of Evmos < 17.0.0 are vulnerable.
- The issue has been patched in versions >= 17.0.0.
4. Recommended Mitigation Strategies
Immediate Actions:
- Upgrade: Immediately upgrade to Evmos version 17.0.0 or later.
- Monitoring: Implement enhanced monitoring for unusual transaction patterns and state changes.
- Audit: Conduct a thorough audit of smart contracts to identify and mitigate potential exploitation vectors.
Long-Term Strategies:
- Regular Updates: Ensure regular updates and patches are applied to the blockchain software.
- Security Best Practices: Follow best practices for smart contract development and deployment to minimize vulnerabilities.
- Community Collaboration: Engage with the Evmos community and security researchers to stay informed about emerging threats and mitigations.
5. Impact on European Cybersecurity Landscape
Regulatory Compliance:
- The vulnerability highlights the importance of adhering to regulatory standards for blockchain security, such as those outlined by the European Union Agency for Cybersecurity (ENISA).
Financial Stability:
- Given the potential for financial exploitation, the vulnerability poses a significant risk to the stability of financial systems built on the Evmos blockchain.
Reputation and Trust:
- The discovery and exploitation of such vulnerabilities can erode trust in blockchain technologies, impacting their adoption and integration into mainstream financial systems.
6. Technical Details for Security Professionals
Code Analysis:
- The vulnerability is rooted in the
stateDB.Commit()method, which iterates throughdirtyStorageand updates the Cosmos SDK KVStore only ifdirtyStoragediffers fromoriginStorage. - Relevant code sections include:
state_object.golines 53-68statedb.golines 33-55 and 460-465
Patch Details:
- The patch in version 17.0.0 addresses the synchronization issue by ensuring that state changes are properly committed, preventing non-atomic transactions.
References:
- GitHub Security Advisory: GHSA-3fp5-2xwh-fxm6
- NVD Entry: CVE-2024-32644
- Patch Commit: 08982b5ee726b97bc50eaf58d1914829648b6a5f
Conclusion: EUVD-2024-1080 represents a critical vulnerability in the Evmos blockchain that requires immediate attention. By understanding the technical details and implementing the recommended mitigation strategies, organizations can protect their systems and maintain the integrity of their blockchain-based applications.