What Are Common Security Pitfalls in Sui Move Development?

Question

I’m auditing a Sui Move smart contract and want to avoid critical vulnerabilities. From reviewing past exploits, I’ve seen: access control issues, arithmetic overflows, reentrancy risks, frontrunning, improper object ownership

Questions:

What are the most critical Sui Move vulnerabilities to watch for?

How does Move’s ownership model prevent/differ from traditional reentrancy?

Are there Sui-specific attack vectors (e.g., object spoofing)?

Evgeniy CRYPTOCOIN · Accepted Answer

Answer 1. Top 5 Security Pitfalls in Sui Move Improper Access Control Risk: Functions that should be restricted are callable by anyone. Example: move public fun admin_withdraw(signer: &signer) { // No check! withdraw_coins(signer, ...); } Fix: move public fun admin_withdraw(signer: &signer, admin_cap: &AdminCap) { assert!(address_of(signer) == admin_cap.admin, EUnauthorized); } Key Insight: Use capability patterns (AdminCap, OwnerCap) to gate sensitive ops. Arithmetic Overflows/Underflows Risk: u64 math wraps around silently (e.g., balances going to 0 → 2^64-1). Example: move let total = user_balance + deposit_amount; // Overflow possible Fix: move use sui::math; let total = math::checked_add(user_balance, deposit_amount)?; Pro Tip: Always use: math::checked_* (add/sub/mul/div) balance::join()/split() for coins. Shared Object Race Conditions Risk: Concurrent modifications to shared objects (e.g., AMM pools) leading to corrupted state. Example: move // Two TXNs read pool.reserves simultaneously → bad swap rates Fix: Use &mut exclusively where possible. For shared objects, design idempotent operations (e.g., require TXN digests as nonces). Sui Advantage: Move’s type system prevents reentrancy (unlike Solidity), but shared objects can still race. Frontrunning and MEV Risk: Miners reordering TXNs to extract value (e.g., sandwich attacks). Example: move // AMM swap with no slippage check: let dy = reserve_y * dx / reserve_x; // Miner can manipulate reserve_x/y Fix: Require min_received parameters: move assert!(dy >= min_dy, EInsufficientOutput); Use deadline checks: move assert!(tx_context::epoch(ctx) and Coin). Example: move public fun merge_coins(a: Coin, b: Coin) { ... } // Can be called with Coin and Coin if C isn’t constrained! Fix: move constraint C: store + drop; // Restrict valid types 2. Sui-Specific Attack Vectors Object Spoofing Risk: Fake objects injected via malicious RPC calls. Defense: Always verify object ownership (has key and owner field). Use object ID whitelists for critical operations. Dynamic Field Hijacking Risk: Attacker adds malicious dynamic fields to your object. Defense: Mark objects with store only if necessary. Use private wrappers for sensitive data.

0xduckmove · Answer

There are article about Security Best Practices for Building on Sui. Its awesome to check this https://blog.sui.io/security-best-practices/

帖子

分享您的知识。

What Are Common Security Pitfalls in Sui Move Development?

Questions:

答案

回答

1. Sui Move 中的五大安全陷阱

2. Sui 专属攻击向量

你知道答案吗？

赚取你的 1000 Sui 份额