DEV Community

Cover image for Solidity Security: The Significance of CHECK-EFFECTS-INTERACTION Pattern in Smart Contracts
Decipher with Zaryab
Decipher with Zaryab

Posted on • Edited on

Solidity Security: The Significance of CHECK-EFFECTS-INTERACTION Pattern in Smart Contracts

๐˜›๐˜ฐ ๐˜ข๐˜ญ๐˜ญ ๐˜ต๐˜ฉ๐˜ฆ ๐˜š๐˜”๐˜ˆ๐˜™๐˜› ๐˜Š๐˜ฐ๐˜ฏ๐˜ต๐˜ณ๐˜ข๐˜ค๐˜ต ๐˜‹๐˜ฆ๐˜ท๐˜ด ๐˜ฐ๐˜ถ๐˜ต ๐˜ต๐˜ฉ๐˜ฆ๐˜ณ๐˜ฆ, ๐Ÿ“ข
โš ๏ธ ๐™‰๐™€๐™‘๐™€๐™ ๐™‘๐™„๐™Š๐™‡๐˜ผ๐™๐™€ ๐™๐™ƒ๐™€ ๐˜พ๐™ƒ๐™€๐˜พ๐™†-๐™€๐™๐™๐™€๐˜พ๐™๐™Ž-๐™„๐™‰๐™๐™€๐™๐˜ผ๐˜พ๐™๐™„๐™Š๐™‰ ๐™‹๐˜ผ๐™๐™๐™€๐™๐™‰ โš ๏ธ

Building a secure smart contract does require adhering to the Best Practices.
And one of the most crucial practices to keep in mind is the ๐‚๐‡๐„๐‚๐Š ๐„๐…๐…๐„๐‚๐“๐’ ๐ˆ๐๐“๐„๐‘๐€๐‚๐“๐ˆ๐Ž๐ ๐๐š๐ญ๐ญ๐ž๐ซ๐ง while making External Calls.

๐–๐‡๐€๐“ ๐ž๐ฑ๐š๐œ๐ญ๐ฅ๐ฒ ๐๐จ๐ž๐ฌ ๐ข๐ญ ๐ฆ๐ž๐š๐ง?
In simple terms, it means that while designing a function in solidity, any state modification in the function must happen before an external call is made.

๐–๐‡๐˜ ๐”๐ฌ๐ž ๐ญ๐ก๐ข๐ฌ ๐๐š๐ญ๐ญ๐ž๐ซ๐ง?
Remember the DAO Hack of 2016 where the attacker drained 3.6 million ETH?
Well, one of the Imperative reasons behind that hack was the Violation of Check-Effects-Interaction patterns in function code.

๐™’๐™๐™ฎ ๐™—๐™š ๐™˜๐™–๐™ง๐™š๐™›๐™ช๐™ก ๐™ฌ๐™๐™š๐™ฃ ๐™€๐™ญ๐™š๐™˜๐™ช๐™ฉ๐™ž๐™ฃ๐™œ ๐™€๐™ญ๐™ฉ๐™š๐™ง๐™ฃ๐™–๐™ก ๐˜พ๐™–๐™ก๐™ก๐™จ?
An external call technically shifts the control over execution to another contract or a Third Party. This allows the Third-party contract to leverage from the fact that the Contract State didn't change before the external call.

It leads to an extremely undesirable scenario where a malicious actor can re-enter the contract and disturb the expected flow. Thus, leading to a potential Re-entrancy Scenario.
Check-Effects-Pattern

๐‡๐Ž๐– ๐๐จ๐ž๐ฌ ๐ญ๐ก๐ข๐ฌ ๐๐š๐ญ๐ญ๐ž๐ซ๐ง ๐’๐ž๐œ๐ฎ๐ซ๐ž ๐‚๐จ๐ง๐ญ๐ซ๐š๐œ๐ญ๐ฌ?
Let's understand this by breaking down the 3 imperative steps in this pattern. (๐˜”๐˜ฐ๐˜ด๐˜ต ๐˜ช๐˜ฎ๐˜ฑ๐˜ฐ๐˜ณ๐˜ต๐˜ข๐˜ฏ๐˜ต๐˜ญ๐˜บ, ๐˜๐˜ฏ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฆ๐˜น๐˜ข๐˜ค๐˜ต ๐˜ฐ๐˜ณ๐˜ฅ๐˜ฆ๐˜ณ)

  1. ๐—–๐—›๐—˜๐—–๐—ž
    The first part is to implement a ๐˜พ๐™ƒ๐™€๐˜พ๐™† or input validations(๐˜ธ๐˜ช๐˜ต๐˜ฉ ๐˜ณ๐˜ฆ๐˜ฒ๐˜ถ๐˜ช๐˜ณ๐˜ฆ ๐˜ฐ๐˜ณ ๐˜ข๐˜ด๐˜ด๐˜ฆ๐˜ณ๐˜ต ๐˜ด๐˜ต๐˜ข๐˜ต๐˜ฆ๐˜ฎ๐˜ฆ๐˜ฏ๐˜ต๐˜ด) to ensure that arguments passed are valid and the function is ready to be executed.

  2. ๐—˜๐—™๐—™๐—˜๐—–๐—ง๐—ฆ
    Resolve all the ๐™€๐™๐™๐™€๐˜พ๐™๐™Ž to the State of the Contract. This part involves optimistically modifying the State Variables to a valid state in the protocol.

  3. ๐—œ๐—ก๐—ง๐—˜๐—ฅ๐—”๐—–๐—ง๐—œ๐—ข๐—ก
    The final step should include any ๐™„๐™‰๐™๐™€๐™๐˜ผ๐˜พ๐™๐™„๐™Š๐™‰ with other external contracts. This is the step that should include any external call that is being made from the function, at the very end of the function.

โœง ๐ŸŽ€ ๐—œ๐—ป ๐—ฎ ๐—ก๐—จ๐—ง๐—ฆ๐—›๐—˜๐—Ÿ๐—Ÿ ๐ŸŽ€ โœง
External calls must be the very last thing that you should do in a function. ๐˜ผ๐™ฃ๐™ฎ ๐™จ๐™ฉ๐™–๐™ฉ๐™š ๐™ซ๐™–๐™ง๐™ž๐™–๐™—๐™ก๐™š ๐™ข๐™ค๐™™๐™ž๐™›๐™ž๐™˜๐™–๐™ฉ๐™ž๐™ค๐™ฃ ๐™ข๐™ช๐™จ๐™ฉ ๐™๐™–๐™ฅ๐™ฅ๐™š๐™ฃ ๐™—๐™š๐™›๐™ค๐™ง๐™š ๐™–๐™ฃ ๐™š๐™ญ๐™ฉ๐™š๐™ง๐™ฃ๐™–๐™ก ๐™˜๐™–๐™ก๐™ก ๐™ž๐™จ ๐™š๐™ญ๐™š๐™˜๐™ช๐™ฉ๐™š๐™™ ๐™ž๐™ฃ ๐™ค๐™ง๐™™๐™š๐™ง ๐™ฉ๐™ค ๐™–๐™ซ๐™ค๐™ž๐™™ ๐™– ๐™ง๐™š-๐™š๐™ฃ๐™ฉ๐™ง๐™–๐™ฃ๐™˜๐™ฎ ๐™จ๐™˜๐™š๐™ฃ๐™–๐™ง๐™ž๐™ค.

Moreover, even if attackers try to re-enter a function that follows the CHECK-EFFECTS-INTERACTION pattern, they cannot really abuse the State of the contract as it has been already modified before the external call is made.

Top comments (0)