How Formal Verification Would Have Prevented the Theft of 2 Billion EduCoin

CertiK, May 24, 2018

CertiK: formal verification platform for smart contract and blockchain ecosystems

On May 23rd, a new bug was found in EduCoin’s smart contract, affecting several exchanges and leaving more than 2 billion EDU tokens missing. EduCoin’s market capitalization has reached $0.00 over the last 24 hours.

Let’s briefly review this incident and see how CertiK’s formal verification engine detected the issue with one click.

What Happened

Let’s focus on the transferFrom function, which, as its name suggests, transfers a fixed value (line 1, _value) from a given address (line 1, _from) to another address (line 1, _to):

However, this function does not check whether the transfer is allowed:

allowed[_from][msg.sender] -= _value; // bug!

Because the function does not validate the amount of tokens that is allowed to be transferred (allowed[_from][msg.sender]), an overflow may occur and make allowed[_from][msg.sender] negative. This gives hackers the ability to transfer EDU tokens from any address to their own address, and more than 2 billion EDU tokens have been stolen since May 23, 2018. Hypothetically, the hackers could ransack all EDU holders by exploiting this existing bug.

How to detect this bug automatically using CertiK?

These types of bugs are usually straightforward in hindsight, but not quite so when you try to locate one in a pile of code.

What if I tell you that this bug can be easily tracked down with “one click” using CertiK? Below is a screenshot of a sample report generated by CertiK’s formal verification engine in only 24.9ms:

Tracking down the illegal transfer problem

The entire verification process completes in seconds, detecting the bug and producing a straightforward counter-example that violates the specification. If, for instance, EduCoin had their contract verified by CertiK, the bug would have been fixed before its release.
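To make "a counter-example that violates the specification" concrete, here is an added illustration (not CertiK's engine and not EduCoin's code): a Python model of transferFrom that is checked exhaustively against the specification "a successful call never spends more than the allowance". The 4-bit word size, the balance checks and the unsigned wraparound (a subtraction that would go negative wraps to a large value) are assumptions of this model.

```python
from itertools import product

BITS = 4            # assumption: shrunk word size so the search is exhaustive
MOD = 1 << BITS     # stands in for the 2**256 of an unsigned 256-bit integer

def transfer_from(state, value, check_allowance):
    """Return the new (bal_from, bal_to, allowed), or None if the call reverts."""
    bal_from, bal_to, allowed = state
    if bal_from < value or bal_to + value >= MOD:   # assumed balance checks
        return None
    if check_allowance and allowed < value:         # the check the article says is missing
        return None
    # Unchecked unsigned arithmetic: the allowance update wraps modulo MOD.
    return (bal_from - value, bal_to + value, (allowed - value) % MOD)

def spec_holds(before, value, after):
    """Specification: a successful call never spends more than the allowance."""
    if after is None:                               # a reverted call changes nothing
        return True
    return value <= before[2] and after[2] == before[2] - value

def find_counterexample(check_allowance):
    """Try every state and value; return the first one that breaks the spec."""
    for bal_from, bal_to, allowed, value in product(range(MOD), repeat=4):
        before = (bal_from, bal_to, allowed)
        after = transfer_from(before, value, check_allowance)
        if not spec_holds(before, value, after):
            return {"before": before, "value": value, "after": after}
    return None

if __name__ == "__main__":
    print("missing check:", find_counterexample(check_allowance=False))
    print("with check   :", find_counterexample(check_allowance=True))
```

With the check missing, the search stops at a spender with zero allowance moving one token; with the check in place, no state in the model violates the specification.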