Common Vulnerabilities
Every EVM security issue that exists on Ethereum also exists on OXN. This page lists the canonical categories with notes on OXN-specific twists.
Reentrancy
Description. A contract that calls out to an untrusted address before completing its own state update can be re-entered, allowing the attacker to observe or manipulate half-finished state.
On OXN. Same as Ethereum. Confidentiality does not prevent reentrancy — the attacker's contract is inside the enclave too and sees exactly what your contract emits during the call.
Prevention. Use ReentrancyGuard. Follow checks-effects-interactions.
Integer overflow / underflow
Description. Arithmetic operations that exceed the type's range wrap around.
On OXN. Same as Ethereum. Solidity 0.8+ has built-in checks that revert on overflow. Do not disable them.
Access control failures
Description. Missing or incorrect authorization checks allow unauthorized callers to invoke privileged functions.
On OXN. Same as Ethereum. msg.sender and tx.origin behave identically. Use OpenZeppelin AccessControl or explicit checks.
Oracle manipulation
Description. Contracts depending on external price feeds can be manipulated by feeding a bad price.
On OXN. Same as Ethereum. Encryption does not verify data — a lie fed through a plain oracle is still a lie.
Front-running (less applicable on OXN)
Description. Attacker observes a transaction in the mempool and submits a competing one to profit.
On OXN. Significantly reduced. Encrypted calldata means attackers cannot see what your transaction does. Base confidentiality closes most mempool-based MEV vectors. But note:
- Transaction ordering is still visible.
- Predictable patterns (e.g., always trading at 3:00 UTC) can still be exploited by proximity attacks.
Signature replay
Description. A signature valid on one chain replayed on another chain does an unintended action.
On OXN. Same as Ethereum. Use EIP-155 (chain ID in signatures) and EIP-712 (typed data) to bind signatures to a specific chain and purpose.
Missing input validation
Description. Contract accepts inputs without validating them.
On OXN. Same as Ethereum. Encrypted calldata still contains attacker-controlled data.
OXN-specific: unsafe randomness use
Description. Using block.timestamp, block.number, or PREVRANDAO for randomness.
Prevention. Use Sapphire.randomBytes. See Randomness.
OXN-specific: sender-spoofing via plain call
Description. A view function that gates on msg.sender behaves incorrectly when called via plain eth_call (where msg.sender = 0x0).
// If called via plain eth_call, msg.sender is 0x0, so the check passes
function isAdmin() external view returns (bool) {
return msg.sender == owner; // returns true when owner happens to be 0x0
}
Prevention. Do not gate view functions on msg.sender for security decisions — only use it to filter which data is returned. For actual authorization, require signed queries and check explicitly.
OXN-specific: leaking secrets via gas or storage patterns
Covered in detail in Confidentiality Pitfalls.