Postmortem Analysis of Cycle Exploit on Our Site
In a recent development, the SHM network has successfully resolved a significant security issue that occurred during cycle 111165. The incident, first noticed by a community member named NoviceCrypto on the Discord server, resulted in the crediting of approximately 500K SHM tokens that were later found to be faulty.
The root cause of the issue was an "off-by-one" error in the certificate validation logic of the network's validator software. This type of error can lead to incorrect iteration or boundary checks during the validation process of certificate-related data. In this case, the error allowed a phony cycle certificate to be placed into the 0 element of the array, which skipped the marker validation step, enabling the attack.
As a result, the system erroneously approved or credited the 500K SHM tokens. Although the specific code or logic details are yet to be audited, it is clear that this off-by-one error led to the system recognizing certain transactions or certificates as valid when they were not, causing the improper crediting.
Fortunately, the incident did not affect regular SHM holders, and no action was required from them. The attacker, showing a commendable act of responsibility, voluntarily returned the SHM received through the exploit. The returned SHM will be burned in a transaction to be announced.
To prevent such incidents in the future, the website team has taken several measures. A mandatory security patch, Validator v1.19.3, has been released to correct the underlying flaw and implement additional defensive checks. To check if your validator node is patched, you can look for the latest version on the GUI main dashboard or the server terminal output.
Moreover, a public security email list will be launched for developers, node operators, and community members to stay informed about such issues. A bug bounty program will also be announced to encourage responsible disclosure of vulnerabilities.
To further strengthen the network's security, the team is evaluating the integration of external monitoring and alerting tools, such as anomaly detection and on-chain analytics. The incident appears to be an isolated one, with no evidence of further impact across the network's history.
Lastly, the website team would like to express their gratitude to NoviceCrypto for reporting and helping monitor the discrepancy quickly. A Security Incident Response Playbook will be formalized and published to streamline critical event processes. The SHM network remains committed to maintaining a secure and reliable environment for its users.
The Finance team is considering integrating advanced cybersecurity measures into the system, given the recent incident that exploited a vulnerability in the validator software. This includes employing technology-driven solutions for certificate validation to reduce the risk of similar off-by-one errors in the future.
Investing in education and awareness programs for the community could also prove beneficial, ensuring users are well-informed about the importance of updating their validator nodes and reporting any suspicious activities to maintain a secure network environment.
