CVE-2018-13877 in MegaCryptoPolis
Summary
by MITRE
The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always causing exceptions buys a land, users cannot buy lands near that contract's land, because those purchase attempts will not be completed unless the doPayouts() function successfully sends Ether to certain neighbors.
Analysis
by VulDB Data Team • 03/13/2020
The vulnerability identified in CVE-2018-13877 represents a critical denial of service flaw within the MegaCryptoPolis smart contract ecosystem, specifically targeting the doPayouts() function that governs land transaction processing. This vulnerability exploits the fundamental design of the game's smart contract architecture where land purchases are interdependent with payout distributions to neighboring properties. The flaw manifests when malicious actors deploy smart contracts containing fallback functions that consistently trigger exceptions or revert transactions, creating a cascade of failures that propagates through the game's land ownership system. The vulnerability directly maps to CWE-400, which categorizes denial of service weaknesses in software systems, and demonstrates how smart contract interactions can create systemic failure points when proper error handling and transaction isolation mechanisms are absent.
The technical implementation of this vulnerability stems from the smart contract's requirement that successful land purchases depend on the doPayouts() function completing successfully for neighboring properties. When a malicious contract with an exception-throwing fallback function purchases land, the subsequent payout processing fails, causing the entire transaction chain to collapse. This creates a domino effect where legitimate users attempting to purchase adjacent lands cannot complete their transactions because the system cannot successfully distribute payments to the problematic neighbor. The vulnerability operates at the intersection of Ethereum's transaction processing model and smart contract interaction patterns, where failed transactions in one contract can prevent related operations from executing properly. This architectural flaw violates the principle of transaction atomicity and demonstrates the importance of implementing robust error handling mechanisms in smart contract systems, particularly when dealing with external contract interactions that may not behave predictably.
The operational impact of this vulnerability extends beyond simple transaction failures, creating significant disruption to the game's economy and user experience. Users who attempt to purchase land adjacent to compromised properties face complete transaction failures, effectively locking them out of certain areas of the game map. This denial of service affects not only individual players but can potentially destabilize the entire game ecosystem by creating bottlenecks in land acquisition and development. The vulnerability also introduces potential financial losses for legitimate users who cannot complete their purchases, while simultaneously providing malicious actors with a mechanism to disrupt normal gameplay operations. The attack vector leverages the Ethereum network's deterministic execution model, where the failure of one smart contract operation can propagate through the entire transaction processing pipeline, as documented in various ATT&CK framework techniques related to smart contract manipulation and resource exhaustion attacks.
Mitigation strategies for this vulnerability require comprehensive architectural changes to the smart contract implementation, including implementing proper error handling mechanisms, transaction isolation patterns, and robust fallback procedures. The smart contract should be redesigned to ensure that individual transaction failures do not cascade to prevent related operations from completing successfully. Implementation of try-catch blocks around external contract calls, proper transaction rollback mechanisms, and independent payout processing for each land purchase can prevent the propagation of failures. Additionally, the system should implement transaction queuing and retry mechanisms that can handle exceptional cases without blocking legitimate operations. The vulnerability highlights the necessity of thorough smart contract auditing and testing, particularly around external contract interactions, and emphasizes the importance of following established security guidelines and best practices for blockchain application development as outlined in various industry standards and security frameworks.
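The independent payout processing described above, as an added Solidity sketch that contrasts a push payout with a pull (withdrawal) payout. It is not the MegaCryptoPolis source: every name except doPayouts is hypothetical, the map is reduced to a 1-D strip, and the prices are constructed values.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, NOT the MegaCryptoPolis source. Every name except
// doPayouts is hypothetical; the map is a 1-D strip where land `id`
// borders id-1 and id+1, and the prices are constructed values.
contract LandPayoutSketch {
    uint256 public constant MAP_SIZE = 1000;
    uint256 public constant PRICE = 0.1 ether;
    uint256 public constant NEIGHBOR_SHARE = 0.01 ether;
    mapping(uint256 => address) public ownerOf;       // land id -> owner
    mapping(address => uint256) public pendingPayout; // owed, not yet withdrawn

    // Push payout, as the advisory describes it: Ether is sent to each
    // neighbour inside the purchase, so a recipient whose fallback always
    // reverts makes every purchase next to it revert too.
    function buyLandPush(uint256 id) external payable {
        _claim(id);
        for (uint256 n = id - 1; n <= id + 1; n += 2) {
            address to = ownerOf[n];
            if (to != address(0)) payable(to).transfer(NEIGHBOR_SHARE);
        }
    }

    // Pull payout: the purchase only records what each neighbour is owed.
    // No external call runs here, so no neighbour can block the buyer.
    function buyLandPull(uint256 id) external payable {
        _claim(id);
        doPayouts(id);
    }

    function doPayouts(uint256 id) internal {
        for (uint256 n = id - 1; n <= id + 1; n += 2) {
            address to = ownerOf[n];
            if (to != address(0)) pendingPayout[to] += NEIGHBOR_SHARE;
        }
    }

    // Owners collect their own balance; a failing receiver affects only itself.
    function withdraw() external {
        uint256 amount = pendingPayout[msg.sender];
        require(amount > 0, "nothing to withdraw");
        pendingPayout[msg.sender] = 0; // clear before the external call
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }

    function _claim(uint256 id) private {
        require(id >= 1 && id <= MAP_SIZE, "off the map");
        require(msg.value == PRICE, "wrong price");
        require(ownerOf[id] == address(0), "already owned");
        ownerOf[id] = msg.sender;
    }
}
```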