An evaluation of the reentrancy vulnerability on GoQuorum-based smartcontracts

Bachelor thesis (2021)

Authors

S.M. Op den Orth Electrical Engineering, Mathematics and Computer Science

Contributors

K. Liang Cyber Security - EEMCS (mentor)
H. Chen Cyber Security - EEMCS (graduation committee member)
Faculty
Electrical Engineering, Mathematics and Computer Science, Electrical Engineering, Mathematics and Computer Science
Copyright: © 2021 Sara Op den Orth
More Info
expand_more

Published Date

02-07-2021

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Within the context of the Ethereum blockchain protocol, reentrancy is a well-known and well-researched smart contract vulnerability. However, when considering GoQuorum, an Ethereum soft fork, barely any research discussing smart contract vulnerabilities exists. This report aims to partly fill this research gap by evaluating the reentrancy smart contract vulnerability in the context of a GoQuorum network. First, the reentrancy attack was demonstrated and its attack features evaluated. Then any known countermeasures were collected. Moreover, it was proposed that some GoQuorum features may also be used as mitigation techniques. Finally, each countermeasure was assessed and categorized. Of all the methods, the checks-effects-interactions pattern is the most direct way to deal with the reentrancy vulnerability. To maximize contract security, however, it is advised to use a combination of the specified prevention and mitigation techniques.