Understanding authorization mechanisms: how vulnerabilities in smart contracts can be exploited to enable U theft attacks

Technical Blog, updated 2023, Dexnav

Author: Administra    Development Engineer: DexDao123
Preface: In the world of digital currencies, users' wallets have become a prime target for attackers. The recently emerged "U theft" attack is a new type of scam aimed at USDT: by getting the user to scan a QR code and grant an authorization, the fraudster gains control over the user's wallet and transfers its assets. This article explains in detail the principle of the U theft attack and the precautions against it.

II. The principle of the U theft attack

The principle of the U theft attack is to abuse wallet authorization: the victim is led to call the authorization function of a smart contract, which lets the attacker move funds remotely. Fraudsters obtain control of the user's wallet by generating QR codes that guide the user through the authorization operation.

In software such as Token Wallet, Firecoin Wallet and IM Wallet, scammers take advantage of this authorization loophole by luring users into scanning QR codes; once the authorization is granted through the wallet, the scammer can transfer USDT or other digital currencies from the user's wallet to their own.

The implementation of the U theft attack is relatively complex. It mainly involves the authorization mechanism and invocation method of smart contracts, the security mechanisms of the wallet software, and users' misconceptions. Specifically, the attack rests on the following four aspects.

  1. Authorization mechanism of smart contracts

The authorization mechanism of smart contracts is the core of the U theft attack. Through it, a smart contract (or any other address) can obtain permission to move tokens out of a user's wallet and so carry out transfers and payments. The mechanism is generally implemented with the approve and transferFrom functions: approve is called by the authorizing party (e.g., the user) and transferFrom is called by the authorized party (e.g., the smart contract). Specifically, the authorizer calls approve to grant the authorized party an allowance of a certain amount of tokens; the authorized party can then call transferFrom at any time to move up to that amount of the authorizer's tokens to a wallet of its choosing, including its own.

The following is a simple Solidity smart contract code example that demonstrates how to use the approve and transferFrom functions to implement an authorized transfer.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal ERC-20-style token showing only the allowance mechanism.
contract MyToken {
    string public name;
    string public symbol;
    uint8 public decimals;
    uint256 public totalSupply;
    // balanceOf[owner] = tokens held by owner
    mapping (address => uint256) public balanceOf;
    // allowance[owner][spender] = amount spender may still move out of owner's balance
    mapping (address => mapping (address => uint256)) public allowance;

    event Approval(address indexed owner, address indexed spender, uint256 value);
    event Transfer(address indexed from, address indexed to, uint256 value);

    constructor(string memory _name, string memory _symbol, uint8 _decimals, uint256 _totalSupply) {
        name = _name;
        symbol = _symbol;
        decimals = _decimals;
        totalSupply = _totalSupply;
        balanceOf[msg.sender] = _totalSupply;
    }

    // Called by the token owner: grants _spender the right to move up to _value tokens.
    // Note that this overwrites any previous allowance rather than adding to it.
    function approve(address _spender, uint256 _value) public returns (bool success) {
        allowance[msg.sender][_spender] = _value;
        emit Approval(msg.sender, _spender, _value);
        return true;
    }

    // Called by the spender: moves _value tokens from _from to _to, consuming allowance.
    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
        require(_value <= balanceOf[_from], "insufficient balance");
        require(_value <= allowance[_from][msg.sender], "insufficient allowance");
        balanceOf[_from] -= _value;
        balanceOf[_to] += _value;
        allowance[_from][msg.sender] -= _value;
        emit Transfer(_from, _to, _value);
        return true;
    }
}

In the code above, the MyToken contract implements a basic token with authorization and transfer functions. approve lets the caller allow another address to spend a specified amount of its tokens, while transferFrom lets that authorized address move funds out of the owner's balance to any address. Before an authorized address can call transferFrom, the owner must have called approve for at least that amount; otherwise the require check fails and the transaction reverts.

  2. Smart contract invocation method

How the smart contract is invoked is an important part of the U theft attack. By having the user call the contract's authorization function, the fraudster obtains spending authority over the user's wallet and can then move digital currency out of it. Specifically, the fraudster exploits the authorization flow by substituting his own address as the spender argument of the authorization call, so that the allowance the user grants ends up in his hands.

  3. Security mechanism of wallet software

The security mechanism of the wallet software is key to whether a U theft attack succeeds. Different wallet software, such as Token wallet, Firecoin wallet and IM wallet, has different security mechanisms. Generally speaking, the wallet prompts the user to confirm an authorization transaction, and the user needs to verify the legitimacy and correctness of that transaction (the spender address and the amount) before completing the authorization. In addition, wallet software performs blacklist detection for smart contracts to block known malicious contracts.

  4. User misconceptions

User misconceptions are the root cause of U theft attacks. Many users do not understand how digital currencies and smart contracts work and are easily misled by scammers. For example, many users believe that as long as a QR code appears to come from an official or well-known organization it is safe and there is no risk of a U theft attack. Users are also prone to carelessness during authorization operations, failing to confirm the legitimacy and correctness of the authorization transaction, and are thereby exploited by fraudsters.

It is important to note that the authorization mechanism of smart contracts must be used with caution, otherwise it may lead to theft of tokens or other undesirable consequences. To prevent an authorization from being abused, it is recommended to interact only with smart contracts that have passed security audits, and never to approve more tokens than needed, or any tokens at all, to untrusted addresses.
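The check a cautious wallet (or a user inspecting a transaction before signing) should perform on an authorization request, as an added example that is not part of the original post: it decodes the ERC-20 calldata that a QR code would ask the wallet to sign and flags an unknown spender or an unlimited allowance. The selectors are the standard ERC-20 ones; the addresses, the trusted-spender list and the sample calldata are constructed for the example.

```python
# Added example: decode ERC-20 approve/transferFrom calldata and warn before signing.
# Selectors are the standard first 4 bytes of keccak256 of each function signature.
SELECTORS = {
    "095ea7b3": ("approve", ["address", "uint256"]),
    "23b872dd": ("transferFrom", ["address", "address", "uint256"]),
    "a9059cbb": ("transfer", ["address", "uint256"]),
}
MAX_UINT256 = 2**256 - 1


def decode_erc20_call(calldata_hex: str) -> dict:
    """Split calldata into a 4-byte selector plus 32-byte ABI words and name the call."""
    data = bytes.fromhex(calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex)
    selector = data[:4].hex()
    if selector not in SELECTORS or len(data) != 4 + 32 * len(SELECTORS[selector][1]):
        return {"function": "unknown", "selector": selector}
    name, types = SELECTORS[selector]
    args = []
    for i, typ in enumerate(types):
        word = data[4 + 32 * i: 36 + 32 * i]
        if typ == "address":
            # An address occupies the low 20 bytes of its word; the high 12 must be zero.
            if any(word[:12]):
                return {"function": "unknown", "selector": selector}
            args.append("0x" + word[12:].hex())
        else:
            args.append(int.from_bytes(word, "big"))
    return {"function": name, "args": args}


def assess_approval(call: dict, trusted_spenders: set) -> list:
    """Return the warnings a wallet should show for an approve() before the user confirms."""
    warnings = []
    if call["function"] != "approve":
        return warnings
    spender, amount = call["args"]
    if spender.lower() not in {s.lower() for s in trusted_spenders}:
        warnings.append(f"spender {spender} is not a known contract")
    if amount == MAX_UINT256:
        warnings.append("unlimited allowance: spender could drain the entire balance")
    return warnings


# Constructed sample: approve(<unknown spender>, max uint256), as a phishing QR code might encode.
PHISHING_CALLDATA = "0x095ea7b3" + ("0" * 37 + "bad").rjust(64, "0") + "ff" * 32
# Constructed sample: approve(<trusted DEX router>, 100 USDT at 6 decimals).
TRUSTED_ROUTER = "0x" + "1" * 40
BENIGN_CALLDATA = "0x095ea7b3" + ("1" * 40).rjust(64, "0") + format(100 * 10**6, "064x")

if __name__ == "__main__":
    for label, cd in (("phishing", PHISHING_CALLDATA), ("benign", BENIGN_CALLDATA)):
        print(label, decode_erc20_call(cd), assess_approval(decode_erc20_call(cd), {TRUSTED_ROUTER}))
```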
