Dos with revert

2018-03-13 18:25:51

While I was reading a guide on smart contract security (by consensys) I found this:


contract Auction {

address currentLeader;

uint highestBid;

function bid() payable {

require(msg.value > highestBid);

require(currentLeader.send(highestBid)); // Refund the old leader, if it fails then revert

currentLeader = msg.sender;

highestBid = msg.value;



The vulnerability here (quoted from the guide):

When it tries to refund the old leader, it reverts if the refund

fails. This means that a malicious bidder can become the leader while

making sure that any refunds to their address will always fail. In

this way, they can prevent anyone else from calling the bid()

function, and stay the leader forever.

How can someone make all the incoming transactions(the refunds) to their address fail? In case of a contract I guess the answer is having a revert inside the fallback function. In the case of simple address

  • An address can also be another contract, which is executed when the Auction tries to send funds to it. That other contract can just execute an illegal instruction or use up all the gas to make the refund transaction fail.

    Sending funds to account addresses cannot fail as far as I know (at least if the sender has sufficient funds).

    2018-03-13 18:48:17