Kingdom: Environment
This section includes everything that is outside of the source code but is still critical to the security of the product that is being created. Because the issues covered by this kingdom are not directly related to source code, we separated it from the rest of the kingdoms.
Dynamic Code Evaluation: Delegatecall
Abstract
The contract uses
delegatecall to call into a potentially untrusted contract.Explanation
Unlike a regular message call, using
Example 1: The following code uses
delegatecall causes the code at the target address to be executed in the context of the calling address. delegatecall effectively enables the smart contract to dynamically load code from a different address at runtime, which is dangerous as the code at the target address can change any storage values and potentially take full control over the caller's balance.Example 1: The following code uses
delegatecall to execute code in the context of the calling address.
function forward(address callee, bytes _data) public {
require(callee.delegatecall(_data));
}
References
[1] Enterprise Ethereum Alliance No delegatecall()
[2] Standards Mapping - Common Weakness Enumeration CWE ID 829
[3] Standards Mapping - Smart Contract Weakness Classification SWC-112
desc.structural.solidity.swc112