is a global variable in Solidity which returns the address of the account that sent the transaction. Contracts that use the to authorize users are vulnerable to phishing attacks. tx.origin tx.origin How? Let’s say a call could be made to the vulnerable contract that passes the authorization check since returns the original sender of the transaction which in this case is the authorized account. tx.origin Let's look at the example. contract Wallet {
    address public owner;

    constructor() payable {
        owner = msg.sender;
    }

    function transfer(address payable _to, uint _amount) public {
        require(tx.origin == owner);

        (bool sent, ) = _to.call{value: _amount}("");
        require(sent, "Failed to send Ether");
    }
}

contract Attack {
    address payable public owner;
    Wallet wallet;

    constructor(Wallet _wallet) {
        wallet = Wallet(_wallet);
        owner = payable(msg.sender);
    }

    function attack() public {
        wallet.transfer(owner, address(wallet).balance);
    }
} I created two contracts: that stores and withdraws funds, and which is a contract made by an attacker who wants to attack the first contract. Wallet Attack Note that the contract authorizes the function using . transfer tx.origin Now, if the owner of the contract sends a transaction with enough gas to the address, it will invoke the fallback function, which in turn calls the function of the contract with the parameter attacker. Wallet Attack transfer Wallet As a result, all funds from the contract will be withdrawn to the attacker's address. This is because the address that first initialized the call was the victim (i.e., the owner of the contract). Wallet Wallet Therefore, will be equal to the owner and the on will pass. tx.origin require How to prevent Tx Origin attacks The best way to prevent Tx Origin attacks is not to use the for authentication purposes. Instead, it is advisable to use (see below) tx.origin msg.sender function transfer(address payable _to, uint256 _amount) public {
  require(msg.sender == owner);

  (bool sent, ) = _to.call.value(_amount)("");
  require(sent, "Failed to send Ether");
} Sources: https://solidity-by-example.org/hacks/phishing-with-tx-origin/ https://medium.com/coinmonks/solidity-tx-origin-attacks-58211ad95514 https://blog.sigmaprime.io/solidity-security.html#tx-origin Also published . here

2022 - HackerNoon Contributor of the Year - Ethereum

2022 - HackerNoon Contributor of the Year - Programming

2022 - HackerNoon Contributor of the Year - Security

2022 - HackerNoon Contributor of the Year - Smart Contracts

2022 - HackerNoon Contributor of the Year - Solidity

Do not forget to follow me 

Nominated for 2022 - HackerNoon Contributor of the Year - Ethereum

Nominated for 2022 - HackerNoon Contributor of the Year - Smart Contracts

Nominated for 2022 - HackerNoon Contributor of the Year - Solidity

Nominated for 2022 - Software Developer of the Year

Nominated for 2022 - HackerNoon Contributor of the Year - Programming

Nominated for 2022 - HackerNoon Contributor of the Year - Security

Too Long; Didn't Read

In your car, at home, or at work — Bosch technology shapes many areas of life.

Hacking Solidity: Contracts Using tx.origin for Authorization Are Vulnerable To Phishing

Hacking Solidity: Contracts Using tx.origin for Authorization Are Vulnerable To Phishing

Too Long; Didn't Read

Kamil Polak

About Author

TOPICS

Languages

THIS ARTICLE WAS FEATURED IN...

Hacking Solidity: Contracts Using tx.origin for Authorization Are Vulnerable To Phishing

Too Long; Didn't Read

Kamil Polak

About Author

TOPICS

Languages

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES