{"id":687,"date":"2018-04-27T12:01:59","date_gmt":"2018-04-27T12:01:59","guid":{"rendered":"https:\/\/blockchain-society.science\/?p=687"},"modified":"2018-04-27T12:01:59","modified_gmt":"2018-04-27T12:01:59","slug":"smart-contracts-stupid-humans-new-major-ethereum-erc-20-token-bugs-batchoverflow-and-proxyoverflow-attack-of-the-50-foot-blockchain","status":"publish","type":"post","link":"https:\/\/blockchain-society.science\/?p=687","title":{"rendered":"Smart contracts, stupid humans: new major Ethereum ERC-20 token bugs BatchOverflow and ProxyOverflow | Attack of the 50 Foot Blockchain"},"content":{"rendered":"<blockquote><p>Smart contracts are fundamentally bad software engineering, part 666 of a never-ending series\u00a0\u2014 PeckShield have been running an automatic scanner on the public Ethereum blockchain: Built on our earlier efforts in analyzing EOS tokens, we have developed an automated system to scan and analyze Ethereum-based (ERC-20) token transfers. Specifically, our system will automatically send out alerts if any suspicious transactions (e.g., involving unreasonably large tokens) occur. They\u2019ve found a couple of beauties, which they\u2019ve branded \u201cBatchOverflow\u201d and \u201cProxyOverflow.\u201d These affect multiple ERC-20 tokens \u2014 which are the basis for almost all ICOs. The root cause is that smart contract coders just copy each other\u2019s code a lot, because who needs formal methods when you can cut\u2019n\u2019paste\u2019n\u2019bodge.<\/p><\/blockquote>\n<p>Source: <em><a href=\"https:\/\/davidgerard.co.uk\/blockchain\/2018\/04\/26\/smart-contracts-stupid-humans-new-major-erc-20-token-bugs-batchoverflow-and-proxyoverflow\/\">Smart contracts, stupid humans: new major Ethereum ERC-20 token bugs BatchOverflow and ProxyOverflow | Attack of the 50 Foot Blockchain<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Smart contracts are fundamentally bad software engineering, part 666 of a never-ending series\u00a0\u2014 
PeckShield have been running an automatic scanner on the public Ethereum blockchain: Built on our earlier efforts in analyzing EOS tokens, we have developed an automated system to scan and analyze Ethereum-based (ERC-20) token transfers. Specifically, our system will automatically send out alerts [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[39,20,31,6,5,28],"tags":[],"_links":{"self":[{"href":"https:\/\/blockchain-society.science\/index.php?rest_route=\/wp\/v2\/posts\/687"}],"collection":[{"href":"https:\/\/blockchain-society.science\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blockchain-society.science\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blockchain-society.science\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blockchain-society.science\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=687"}],"version-history":[{"count":1,"href":"https:\/\/blockchain-society.science\/index.php?rest_route=\/wp\/v2\/posts\/687\/revisions"}],"predecessor-version":[{"id":688,"href":"https:\/\/blockchain-society.science\/index.php?rest_route=\/wp\/v2\/posts\/687\/revisions\/688"}],"wp:attachment":[{"href":"https:\/\/blockchain-society.science\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blockchain-society.science\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blockchain-society.science\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}