WETH Permit Exploit: Developer's Guide
Understanding the Vulnerability
The WETH (Wrapped Ether) contract lacks a 'permit' function, but due to its fallback function, it doesn't revert when 'permit' is called. This can lead to unexpected behavior in contracts interacting with WETH.
Exploit Mechanism
- User approves a vulnerable contract to spend their WETH.
- Attacker calls a function like 'depositWithPermit' on the vulnerable contract.
- The contract attempts to call 'permit' on WETH, which silently succeeds due to the fallback.
- The contract then transfers WETH from the user to itself, crediting the attacker.
- Attacker withdraws the stolen WETH.
Prevention Strategies
- Token-specific logic: Implement different logic for WETH and other ERC20 tokens.
- Explicit checks: Verify the existence of the 'permit' function before calling it.
- Use interfaces: Employ strict interfaces for token interactions to catch missing functions at compile-time.
- Avoid universal solutions: Don't assume all ERC20 tokens behave identically.
Key Takeaways
- Always thoroughly test interactions with external contracts.
- Be aware of the unique behaviors of popular tokens like WETH.
- Implement robust error handling and input validation.
- Regularly audit your smart contracts for potential vulnerabilities.