Title

Insufficient Gas Griefing

Relationships

CWE-691: Insufficient Control Flow Management

Description

Insufficient gas griefing attacks can be performed on contracts which accept data and use it in a sub-call on another contract. If the sub-call fails, either the whole transaction is reverted, or execution is continued. In the case of a relayer contract, the user who executes the transaction, the 'forwarder', can effectively censor transactions by using just enough gas to execute the transaction, but not enough for the sub-call to succeed.

Remediation

There are two options to prevent insufficient gas griefing:

Only allow trusted users to relay transactions.
Require that the forwarder provides enough gas.

References

Consensys Smart Contract Best Practices
What does griefing mean?
Griefing Attacks: Are they profitable for the attacker?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SWC-126.md

SWC-126.md

Title

Relationships

Description

Remediation

References

Files

SWC-126.md

Latest commit

History

SWC-126.md

File metadata and controls

Title

Relationships

Description

Remediation

References