FREE Blockchain Security Training DeFi Security and Audits Questions and Answers

Question 1

A DeFi lending protocol uses the spot price from a single, low-liquidity decentralized exchange (DEX) to value collateral. An attacker secures a large flash loan, uses it to artificially inflate an asset's price on that specific DEX, and then deposits the inflated asset as collateral to borrow a much larger sum of other assets. What is the primary vulnerability exploited in this scenario?

Accepted Answer

C) Use of a single, easily manipulated spot-price oracle.

Answer

The core vulnerability is the protocol's reliance on a single, spot-price-based oracle, which can be easily manipulated. Flash loans provide attackers with the capital to drastically skew the price of an asset in a low-liquidity pool within a single transaction. Robust protocols mitigate this by using Time-Weighted Average Prices (TWAPs) or aggregating data from multiple, high-quality oracle sources.

Question 2

A smart contract contains a function to transfer ownership: `function changeOwner(address newOwner) public { require(tx.origin == owner); owner = newOwner; }`. Why is using `tx.origin` for authorization a critical security flaw?

Accepted Answer

A) A user can be phished into calling a malicious intermediary contract, which then successfully calls `changeOwner` on their behalf, as the `tx.origin` remains the user's address.

Answer

`tx.origin` refers to the externally owned account (EOA) that initiated the entire transaction chain. If a user is tricked into calling a malicious contract, that contract can then call the vulnerable contract. The `tx.origin` check will pass because it sees the user's address as the originator, allowing the malicious contract to execute the privileged function. `msg.sender`, which refers to the immediate caller, should always be used for authorization to prevent this type of phishing attack.

Question 3

A DeFi protocol's governance mechanism allows token holders to vote on proposals. An attacker uses a flash loan to borrow a massive quantity of the protocol's governance tokens, uses them to vote for a malicious proposal to transfer treasury funds to themselves, and repays the loan, all within a single transaction. This exploit is best described as what type of attack?

Accepted Answer

A) Flash loan-assisted governance manipulation.

Answer

This is a classic example of a governance attack facilitated by a flash loan. The attacker leverages temporarily acquired, massive voting power to pass a self-serving proposal. The vulnerability lies in a governance design that doesn't account for such temporary accumulations of voting power, for instance, by lacking adequate time-locks or by not basing voting power on a historical token balance.

Question 4

A development team deploys an upgradeable smart contract using the UUPS proxy pattern. They deploy the proxy and the implementation contract, but neglect to call the `initialize` function on the implementation contract itself. What is the most severe and immediate security risk of this oversight?

Accepted Answer

C) An attacker can call the public `initialize` function on the implementation contract directly, potentially seizing ownership and bricking the contract via `selfdestruct`.

Answer

In UUPS proxy patterns, initializer functions are often unprotected in the implementation contract, as they are meant to be called only once via `delegatecall` from the proxy's context. If left uninitialized, anyone can call this function directly on the implementation contract. An attacker can use this to take ownership of the implementation, which could allow them to call a `selfdestruct` function and permanently disable the logic for the main proxy contract.

Question 5

Which of the following BEST describes the role of a professional smart contract security audit?

Accepted Answer

D) To perform a time-boxed code review to identify vulnerabilities, assess risks, and provide mitigation advice.

Answer

A smart contract audit is a thorough, expert review of the codebase within a specific timeframe. Its primary purpose is to identify and report security vulnerabilities, logic flaws, and other risks, then provide recommendations for remediation. It is not a guarantee of absolute security, nor is its main focus gas optimization or writing tests, although those may be secondary outcomes or recommendations.

Blockchain Practice Test

Blockchain Practice Test

FREE Blockchain Security Training DeFi Security and Audits Questions and Answers