EOS CTO Dan Larimer shares ways to prevent RAM exploits, how to free consumed RAM & more
EOS CTO Dan Larimer explained in detail the unexpected EOS RAM consumption, ways to prevent it, and future plans. In the post, he highlighted that governance processes can fix code behaving contrary to the intent of the parties, and that a long-term upgrade can make the default behaviour safer.
“Some users and EOSIO-based smart contracts have unintentionally had their RAM resources consumed by malicious 3rd parties who have created specialized smart contracts,” Dan wrote on Medium post, “This occurs due to a misunderstanding of a feature designed to enable contracts to notify other contracts of events, such as an incoming transfer. The malicious contracts use this notification feature to fill other people’s RAM with random data without informed consent and then provide no way to free this data.”
He compares this kind of attack with vandalism and mentions, “[It] should do no long term damage to the parties involved once the EOS governance process can review and remedy the situation.”
Practices to prevent EOS RAM exploits
Users should review the contracts they interact with or ask a trusted 3rd party to review the contracts on their behalf. “Developers who programmatically send tokens to accounts specified by untrusted 3rd parties should relay the transfer through an account without free RAM resources,” he suggests.
This applies to both centralized exchanges and decentralized exchanges. In fact, a number of wallet providers have already taken steps to warn users about suspicious transactions that may consume RAM.
Free consumed RAM via governance processes
Dan Larimer points out that if a malicious contract takes advantage of a mismatch between users' intent and the actual effect of the code, block producers can blacklist the malicious contract.
“… a dispute is arbitrated between the author of the malicious contract and those who interacted with it,” Dan Larimer explains, “If arbitration finds that the behaviour of the code is contrary to the intent of the parties who interacted with the code, then the elected producers are free to update the code in such a way that the outcome matches the original intent of the parties as closely as possible.” In such cases, the code will be updated to free the unexpected RAM consumption and not consume RAM in the future.
Hinting at the steps taken to fix the problem, he wrote, “We are preparing a producer-only upgrade that would change the default behavior to prevent the receiver of an action notification (e.g. a token transfer notification) from unexpectedly consuming the sender’s RAM.”
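The three situations the article describes (a notified contract billing rows to the sender, the "relay through an account without free RAM" mitigation, and the producer-only change that stops a notified receiver from billing the sender) can be made concrete with a small model of RAM billing. The following is an added example written for this page, not EOSIO code and not from Dan Larimer's post; account names, byte counts and the exact rule used for the upgrade (in a notification, only the receiving contract may pay for storage) are assumptions made for illustration.

```python
"""Toy model of EOSIO RAM billing during action notifications (constructed
example, not EOSIO code). Covers the default case in which a notified contract
bills table rows to the sender, relaying a transfer through an account with no
free RAM, and a simplified model of the producer-only rule that stops a notified
receiver from billing the sender."""
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional


class InsufficientRam(Exception):
    """Payer cannot cover the charge; the whole transaction aborts."""


class BillingNotAllowed(Exception):
    """Billing rule forbids charging this payer in this context."""


@dataclass
class Account:
    name: str
    ram_quota: int                      # bytes the account has bought
    ram_used: int = 0
    handler: Optional[Callable] = None  # contract code run on notification

    @property
    def ram_free(self) -> int:
        return self.ram_quota - self.ram_used


@dataclass
class Chain:
    # Assumed model of the upgrade: inside a notification, only the receiver may pay.
    restrict_notify_billing: bool = False
    accounts: Dict[str, Account] = field(default_factory=dict)

    def add(self, acct: Account) -> Account:
        self.accounts[acct.name] = acct
        return acct

    def store(self, receiver: str, payer: str, nbytes: int, notified: bool) -> None:
        """Charge nbytes of table storage to payer from code running as receiver."""
        if self.restrict_notify_billing and notified and payer != receiver:
            raise BillingNotAllowed(f"{receiver} may not bill {payer} from a notification")
        acct = self.accounts[payer]
        if acct.ram_free < nbytes:
            raise InsufficientRam(f"{payer} has only {acct.ram_free} bytes free")
        acct.ram_used += nbytes

    def transfer(self, sender: str, recipient: str) -> None:
        """Deliver a transfer and notify the recipient's contract; roll back on failure."""
        snapshot = {n: a.ram_used for n, a in self.accounts.items()}
        try:
            to = self.accounts[recipient]
            if to.handler is not None:
                to.handler(self, recipient, sender)
        except (InsufficientRam, BillingNotAllowed):
            for n, used in snapshot.items():   # transactions are atomic
                self.accounts[n].ram_used = used
            raise


def ram_filling_handler(chain: Chain, receiver: str, sender: str) -> None:
    """Abusive notification handler: stores junk rows billed to the sender."""
    chain.store(receiver, payer=sender, nbytes=1000, notified=True)


def bookkeeping_handler(chain: Chain, receiver: str, sender: str) -> None:
    """Legitimate handler: records the incoming transfer and pays for the row itself."""
    chain.store(receiver, payer=receiver, nbytes=64, notified=True)


def scenario_default() -> int:
    """Sender with free RAM, no mitigation: returns the bytes the sender lost."""
    c = Chain()
    c.add(Account("exchange", ram_quota=10_000))
    c.add(Account("badcontract", ram_quota=5_000, handler=ram_filling_handler))
    c.transfer("exchange", "badcontract")
    return c.accounts["exchange"].ram_used


def scenario_relay() -> tuple:
    """Transfer relayed through an account with zero free RAM: the store fails,
    the transaction aborts, and the exchange's own RAM is never touched."""
    c = Chain()
    c.add(Account("exchange", ram_quota=10_000))
    c.add(Account("relay", ram_quota=200, ram_used=200))
    c.add(Account("badcontract", ram_quota=5_000, handler=ram_filling_handler))
    try:
        c.transfer("relay", "badcontract")
        outcome = "delivered"
    except InsufficientRam:
        outcome = "aborted"
    return outcome, c.accounts["exchange"].ram_used, c.accounts["relay"].ram_used


def scenario_upgraded() -> tuple:
    """Restricted billing: the abusive handler is rejected, the honest one still works."""
    c = Chain(restrict_notify_billing=True)
    c.add(Account("exchange", ram_quota=10_000))
    c.add(Account("badcontract", ram_quota=5_000, handler=ram_filling_handler))
    c.add(Account("ledger", ram_quota=5_000, handler=bookkeeping_handler))
    try:
        c.transfer("exchange", "badcontract")
        outcome = "delivered"
    except BillingNotAllowed:
        outcome = "aborted"
    c.transfer("exchange", "ledger")
    return outcome, c.accounts["exchange"].ram_used, c.accounts["ledger"].ram_used


if __name__ == "__main__":
    print(scenario_default(), scenario_relay(), scenario_upgraded())
```

In the relay scenario the transfer itself does not go through, which is the point of the mitigation: a relay with no free RAM turns an attempt to bill the sender into a failed transaction that an operator can review, instead of a silent loss on the funded hot wallet. The upgraded scenario shows why the change to the default is the cleaner fix: the notified contract can still pay for its own bookkeeping row, but can no longer charge the sender.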