status

Why is simple to drain the Ethereum wallet, unlike the Cardano wallet?

Published 28.2.2024

In the realm of decentralized applications (DApps), users can unfortunately fall prey to malicious actors. These bad actors can deceive users into signing transactions that result in the draining of assets from their wallets. This issue is particularly prevalent in the Ethereum ecosystem, and it’s not merely due to its larger size. In Ethereum, users usually pre-authorize DApps to transfer any amount of assets from their wallets at a future time. While this feature may seem convenient, it is often exploited by malicious entities, commonly referred to as ‘Ethereum drainers’. Such incidents are less common in the Cardano ecosystem. In the article, we will explain why this is so.

Pre-Approval of Future Transfer of Assets is Dangerous

Ideally, a smart contract should not have an owner or any mechanism that permits the owner to transfer assets from the smart contract to an external address. This attribute endows smart contracts with a degree of trust. Users can confidently delegate their assets to a smart contract (trust the code, not people), secure in the knowledge that no third party can manipulate these assets. Consequently, users need not place their trust in the team that deployed the smart contract.

Nonetheless, it is possible to incorporate a transfer function into the smart contract, which enables the owner to transfer tokens from the smart contract to another address.

Such a feature is typically associated with malicious smart contracts.

Ethereum drainers contain a ‘transferFrom’ function that is used to move digital assets from the user’s wallet to the smart contract. Then a ‘transfer’ function is used to transfer assets to the attacker's address.

The ‘transferFrom’ function is commonly used by DApps and is a part of the ERC-20 token standard. It allows a smart contract to transfer a certain amount of tokens from one address to another, given that the source address has approved the smart contract to do so. More about the approval later.

Once the assets are controlled (owned) by the smart contract, the ‘transfer’ function can be used to move them from the smart contract to another address.

The ‘transfer’ function is also a part of the ERC-20 token standard. It is used to transfer tokens directly from the function caller’s address to another address.

In the context of a smart contract, if a transfer function is present that allows the contract owner to transfer tokens from the contract to any external address, it could potentially be a sign of a malicious contract. The address could be controlled by the attacker.

Ethereum wallet drainers abuse the ‘approve’ function.

When interacting with a smart contract in the Ethereum ecosystem, users often have to approve the contract to spend a certain amount of tokens from their wallet. This is known as a 'token approval' transaction.

Normally, for non-malicious use cases, this is useful. Users can approve a DApp to buy assets at a target price without moving assets out of the wallet in advance. The transfer is to happen at the appropriate time.

Once the 'approve' transaction is signed, the smart contract can call the 'transferFrom' function at any time without requiring any further approvals or actions from the user. The 'transferFrom' function is an on-chain transaction and requires GAS fees, which are paid from the user’s wallet automatically.

Both the 'approve' and 'transferFrom' transactions require GAS fees.

Attackers often trick users into calling the approve function of a malicious contract, allowing it to later use transferFrom to drain tokens from the user’s wallet. The transfer function could potentially be used similarly if the contract is designed to accept and hold tokens.

How Draining a Wallet Works Step-By-Step

The attack starts with social engineering. The attacker has to create a convincing phishing website or a malicious DApp. They often pay Google to show users their fraudulent website as the first link. There are many ways to trick users and lure them into a trap.

A malicious DApp can be a fake version of a popular DeFi service (DEX or lending platform) or a new DApp that promises high returns. It can also be attractive minting an NFT series, staking tokens for yield farming, or participating in a token sale.

The user visits the malicious website or DApp and decides to interact with it.

To interact with the DApp, the user is asked to connect their Ethereum wallet. Once the wallet is connected, the DApp asks the user to sign an 'approve' transaction. The user is asked to approve the spending of a large amount of tokens, often the maximum possible amount.

Users may not find it suspicious, as they normally sign ‘approve’ transactions in the case of non-malicious DApps. They may not pay attention to important details.

A user confirms the transaction in their wallet, not realizing that he has given the malicious smart contract permission to spend all of his tokens.

Once the transaction is confirmed, the malicious smart contract can call the transfer (or transferFrom) function at any time to drain all the approved tokens from the user's wallet.

It is possible to revoke the approval given to an Ethereum smart contract. This process is often referred to as revoking token allowances or revoking token approvals. Revoking an approval is an on-chain transaction, so users will need to pay GAS fees. Some users might hesitate to revoke token approvals due to the associated fees.

In most cases, however, attackers act quickly, so users do not have time to realize that they have made a mistake.

Why Is It Not Possible To Drain A Cardano Wallet So Easily?

In both the Cardano and Ethereum ecosystems, there’s a risk that an attacker might trick you into signing a transaction that transfers more assets than you intended.

Unlike Ethereum, Cardano’s smart contracts don’t have an equivalent approval mechanism. This means that a smart contract can’t be granted unlimited access to a user’s wallet. As a result, a malicious smart contract can’t drain a user’s wallet without the user explicitly signing a transaction for each transfer.

Smart contracts in Cardano are essentially validator scripts. These scripts are automatically executed by each Cardano node when validating a transaction that attempts to move funds from the script’s address.

The difference between Cardano's UTxO model and Ethereum's account-based model is significant when it comes to the possibility of draining wallets.

Cardano uses the UTxO model where assets are stored in unspent outputs rather than as balances in accounts. In this model, a transaction has inputs and outputs, where the inputs are unspent outputs from previous transactions. Each UTxO can only be consumed once and as a whole. Therefore, there’s no equivalent to Ethereum’s approve function in Cardano’s UTxO model.

Typically, a transaction only involves a limited number of UTxOs that a user possesses in their wallet. Any UTxOs that are not included as inputs in the transaction remain unaffected by the transaction signature.

From a security point of view, this model can be seen as more resistant to drain wallet attacks.

You can see in the picture that Alice has to sign every single transaction that spends UTxO. It is not possible for a smart contract to arbitrarily transfer UTxOs owned by Alice.

An Ethereum account, represented by a single address, can hold balances of multiple different types of tokens, including various ERC-20 tokens. The approve function doesn’t usually grant spending approval for the whole account. Instead, it grants a specific smart contract the approval to spend a certain amount of a specific ERC-20 token from the user’s account.

However, malicious smart contracts can be unintentionally approved to spend tokens from the user’s entire account. The approval mechanism can be exploited by malicious smart contracts to drain tokens from a user’s wallet without requiring any further approvals or actions from the user.

In the picture, you can see that Alice only signed the ‘approve’ transaction. This allowed the malicious smart contract to transfer all tokens from her account.

To prevent the loss of all assets from their account, users should ensure that they only grant spending approvals to reliable and trustworthy smart contracts.

Conclusion

Ethereum’s approve function provides developers with a feature akin to permitting a third party to periodically withdraw a specified amount from your bank account. While this is a useful function, it requires users to trust the third party not to exceed their withdrawal limit. On the other hand, Cardano does not offer a similar feature to developers. Users are required to explicitly sign each transaction that spends UTxOs from their wallet.

Both approaches have their merits. The respective teams had to strike a balance between ensuring security and providing a wide range of options for developers when crafting smart contracts. While Cardano’s scripts are designed to verify if the conditions for spending UTxOs have been met, Ethereum’s smart contracts can gain control over user accounts.

Featured:

Related articles

Did you enjoy this article? Other great articles by the same author