Last updated: December 19, 2024
SCWE-016: Insufficient Authorization
Content in BETA
This content is in beta and still under active development, so it is subject to change any time (e.g. structure, IDs, content, URLs, etc.).
Description
Insufficient authorization occurs when a contract does not verify that the caller holds the permissions required for a specific action. The weakness arises from missing or incorrectly implemented authorization checks, which allow unauthorized callers to invoke functions that should be restricted.
Common causes of insufficient authorization include:
- Missing access control modifiers or incorrect configuration.
- Failure to validate roles before granting access to sensitive functions.
- Poor handling of user permissions, which could lead to privilege escalation.
Remediation
- Implement role-based access control (RBAC): define roles such as admin, user, etc., and assign permissions to each role so that only authorized accounts can call restricted functions.
- Use access control modifiers: protect sensitive functions with appropriate modifiers (e.g., onlyOwner, onlyAdmin) to restrict who can call them.
- Principle of least privilege: ensure each account has access only to the minimal set of actions it needs to perform its role.
- Thorough testing: test every restricted function from an unauthorized account to confirm that the authorization checks reject the call.
Samples
Insufficient Authorization Example
pragma solidity ^0.8.0;

contract InsufficientAuthorization {
    uint public balance;

    // Vulnerable: no authorization check, so any address can reduce the balance.
    function withdraw(uint amount) public {
        balance -= amount;
    }
}
Fixed Authorization Example
pragma solidity ^0.8.0;

contract FixedAuthorization {
    uint public balance;
    address public owner;

    // Solidity >= 0.7 ignores constructor visibility, so `public` is dropped.
    constructor() {
        owner = msg.sender;
    }

    // Reverts unless the caller is the owner recorded at deployment.
    modifier onlyOwner() {
        require(msg.sender == owner, "Not authorized");
        _;
    }

    // Only the owner can withdraw; unauthorized callers revert before any state change.
    function withdraw(uint amount) public onlyOwner {
        balance -= amount;
    }
}
In the fixed example, the onlyOwner modifier ensures that only the contract owner can withdraw funds, thus preventing unauthorized users from performing sensitive operations like withdrawing assets.
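The single-owner fix above covers the simplest case. The following is an added example, not part of the SCWE page, showing the role-based access control and least-privilege approach from the remediation list: an admin role that manages roles, a separate withdrawer role that is the only one allowed to move funds, and events on every role change so off-chain monitoring can flag unexpected grants. The contract name, role names and event names are assumptions chosen for this illustration.

```solidity
// Added example (not from the SCWE page): minimal RBAC with least privilege.
pragma solidity ^0.8.0;

contract RoleBasedTreasury {
    bytes32 public constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
    bytes32 public constant WITHDRAWER_ROLE = keccak256("WITHDRAWER_ROLE");

    // role => account => granted
    mapping(bytes32 => mapping(address => bool)) private _roles;

    // Emitted on every role change so monitoring can detect unexpected grants.
    event RoleGranted(bytes32 indexed role, address indexed account, address indexed by);
    event RoleRevoked(bytes32 indexed role, address indexed account, address indexed by);
    event Withdrawal(address indexed to, uint256 amount);

    modifier onlyRole(bytes32 role) {
        require(_roles[role][msg.sender], "Not authorized");
        _;
    }

    constructor() {
        // Deployer is the only initial admin. Nobody holds WITHDRAWER_ROLE yet:
        // least privilege means it is granted explicitly, only where needed.
        _roles[ADMIN_ROLE][msg.sender] = true;
        emit RoleGranted(ADMIN_ROLE, msg.sender, msg.sender);
    }

    function hasRole(bytes32 role, address account) public view returns (bool) {
        return _roles[role][account];
    }

    function grantRole(bytes32 role, address account) external onlyRole(ADMIN_ROLE) {
        _roles[role][account] = true;
        emit RoleGranted(role, account, msg.sender);
    }

    function revokeRole(bytes32 role, address account) external onlyRole(ADMIN_ROLE) {
        _roles[role][account] = false;
        emit RoleRevoked(role, account, msg.sender);
    }

    receive() external payable {}

    // Only an explicitly authorized withdrawer may move funds, and only to itself.
    function withdraw(uint256 amount) external onlyRole(WITHDRAWER_ROLE) {
        require(amount <= address(this).balance, "Insufficient balance");
        emit Withdrawal(msg.sender, amount);
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "Transfer failed");
    }
}
```

A test suite for this contract should call withdraw, grantRole and revokeRole from an account without the corresponding role and assert that each call reverts with "Not authorized", which is the testing step the remediation list asks for.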