Insufficient gas griefing attacks are asubset of griefing attacks that particularly affect smart contracts performingexternal calls without validating the success return value. In this attack, theattacker provides a limited gas amountto execute solely the internal function logic, neglecting to provide enough gasfor any potential external calls. If the contract lacks mechanisms to verifythe success of external function calls or fails to assess the required gasamount for sub-calls, it proceeds as though no issues occurred. However, thisposes significant risks.
Consider the contract below:
The "relay" function in the"CustomRelayer" contract takes a bytes parameter, marks it asexecuted in the "executed" mapping, and then initiates an externalcall to the "CustomTarget" contract without verifying its success.
If an attacker supplies an insufficientamount of gas, adequate only to set the bytes' execution status to true but notfor the external call, the contract continues execution without detecting thefailure. While this attack may not directly benefit the attacker, it introducesgrief for the contract owner by generating a list of "executed" bytesthat weren't actually executed.
Consider another contract below:
The provided sample contract neglects toverify the success of the external call, simply continuing executionregardless. Consequently, after dispatch function execution, the supplied datais flagged as executed in the executed mapping, preventing further submissionsof the same data.
In this case, a forwarder invokes`dispatch` with minimal gas, enough for the CustomForwarder contract to executesuccessfully but inadequate for the external call. This results in a revert dueto an out-of-gas error. Consequently, the user's transaction remainsunexecuted, leading to the invalidation of their signature.
1. To ensure adequate gas supply, implementgas estimation for both the function and external calls using a"require" statement. Validate that the provided gas is ample toexecute them.
2. Validate the return values of externalcalls, verifying they match the expected outcome.
3. Restrict relay transactions exclusivelyto trusted users by integrating an access control mechanism
