Wallet Drainers使用Create2绕过钱包安全告警技术分析<\/h1>

前言<\/h2>
随着链上总锁定价值(TVL)的不断增长，Wallet Drainers(钱包盗取者)活动日益频繁。本文深入分析攻击者如何利用Create2功能绕过钱包安全告警机制，实现隐蔽的资金窃取。<\/p>

Create和Create2基础<\/h2>

Create操作<\/h3>

Create是Solidity中用于创建新合约的基本操作：<\/p>

contract<\/span> Factory<\/span> {
<\/span><\/span>    event<\/span> NewContract<\/span>(address<\/span> indexed<\/span> createdContract);
<\/span><\/span>
<\/span><\/span>    function<\/span> createNewContract<\/span>() external<\/span> {
<\/span><\/span>        address<\/span> newContract =<\/span> address<\/span>(new<\/span> MyContract());
<\/span><\/span>        emit NewContract(newContract);
<\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span>
<\/span><\/span>contract<\/span> MyContract<\/span> {
<\/span><\/span>    address<\/span> public<\/span> owner;
<\/span><\/span>    
<\/span><\/span>    constructor<\/span>() {
<\/span><\/span>        owner =<\/span> msg.sender;
<\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>特点：<\/p>

新合约地址由创建者地址和nonce决定<\/li>
无法预先计算合约地址<\/li>
每次创建都会生成不同地址<\/li>
<\/ul>
Create2操作<\/h3>
Create2提供了更灵活的合约创建方式：<\/p>
contract<\/span> PredictableContract<\/span> {
<\/span><\/span>    address<\/span> public<\/span> owner;
<\/span><\/span>    constructor<\/span>(address<\/span> _owner) payable<\/span> {
<\/span><\/span>        owner =<\/span> _owner;
<\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span>
<\/span><\/span>contract<\/span> Factory<\/span> {
<\/span><\/span>    function<\/span> deploy<\/span>(uint<\/span> _salt) public<\/span> payable<\/span> returns<\/span> (address<\/span>) {
<\/span><\/span>        bytes32<\/span> hash =<\/span> keccak256(
<\/span><\/span>            abi.encodePacked(
<\/span><\/span>                bytes1<\/span>(0xff<\/span>),
<\/span><\/span>                address<\/span>(this),
<\/span><\/span>                _salt,
<\/span><\/span>                type(PredictableContract<\/span>).creationCode
<\/span><\/span>            )
<\/span><\/span>        );
<\/span><\/span>        address<\/span> newContract =<\/span> address<\/span>(uint160<\/span>(uint256<\/span>(hash)));
<\/span><\/span>        return<\/span> address<\/span>(new<\/span> PredictableContract{salt:<\/span> bytes32<\/span>(_salt)}(msg.sender));
<\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>关键特点：<\/p>

使用salt值控制合约地址生成<\/li>
可预先计算合约地址<\/li>
相同salt值会生成相同地址<\/li>
地址计算公式：hash(0xff ++ factoryAddress ++ salt ++ bytecodeHash)<\/code><\/li>
<\/ul>
Create2地址预测方法<\/h2>
完整地址预测实现：<\/p>
contract<\/span> Factory<\/span> {
<\/span><\/span>    function<\/span> deploy<\/span>(uint<\/span> _salt) public<\/span> payable<\/span> returns<\/span> (address<\/span>) {
<\/span><\/span>        return<\/span> address<\/span>(new<\/span> ContractDemo{salt:<\/span> bytes32<\/span>(_salt)}(msg.sender));
<\/span><\/span>    }
<\/span><\/span>
<\/span><\/span>    function<\/span> getBytecode<\/span>() public<\/span> view<\/span> returns<\/span> (bytes<\/span> memory<\/span>) {
<\/span><\/span>        bytes<\/span> memory<\/span> bytecode =<\/span> type(ContractDemo<\/span>).creationCode;
<\/span><\/span>        return<\/span> abi.encodePacked(bytecode, abi.encode(msg.sender));
<\/span><\/span>    }
<\/span><\/span>
<\/span><\/span>    function<\/span> getAddress<\/span>(uint256<\/span> _salt) public<\/span> view<\/span> returns<\/span> (address<\/span>) {
<\/span><\/span>        bytes32<\/span> hash =<\/span> keccak256(
<\/span><\/span>            abi.encodePacked(
<\/span><\/span>                bytes1<\/span>(0xff<\/span>),
<\/span><\/span>                address<\/span>(this),
<\/span><\/span>                _salt,
<\/span><\/span>                keccak256(getBytecode())
<\/span><\/span>            )
<\/span><\/span>        );
<\/span><\/span>        return<\/span> address<\/span>(uint160<\/span>(uint256<\/span>(hash)));
<\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>Wallet Drainers攻击流程<\/h2>
攻击者利用Create2绕过钱包安全告警的典型流程：<\/p>

预先计算恶意合约地址<\/strong>：攻击者使用特定salt值计算出一个尚未部署的合约地址<\/li>
诱导用户签名<\/strong>：让用户对看似无害的交易进行签名，实际上该交易会授权预先计算的地址操作资产<\/li>
部署恶意合约<\/strong>：在用户签名后，攻击者使用预先计算的salt值部署实际恶意合约<\/li>
转移资产<\/strong>：已部署的恶意合约执行实际资产转移操作<\/li>
<\/ol>
实际案例分析<\/h3>
以GMX代币被盗案例为例：<\/p>

攻击者预先计算合约地址：0xbD2BF58Be46619B7A22cE9457e1D51A10B82EB91<\/code><\/li>
受害者签署signalTransfer(address receiver)<\/code>交易，授权该地址<\/li>
攻击者部署预先计算的合约<\/li>
合约执行以下恶意操作：

接受GMX代币转移<\/li>
处理奖励<\/li>
解除GMX和GLP的质押<\/li>
将资产转移到攻击者控制地址<\/li>
<\/ul>
<\/li>
<\/ol>
关键攻击合约代码片段：<\/p>
function<\/span> unstake<\/span>(
<\/span><\/span>    address<\/span> victim,
<\/span><\/span>    uint16<\/span> percentageForFirstAddressInBasisPoints,
<\/span><\/span>    address<\/span> firstAddress,
<\/span><\/span>    address<\/span> secondAddress,
<\/span><\/span>    uint256<\/span> lpPrice,
<\/span><\/span>    uint256<\/span> ethPrice
<\/span><\/span>) public<\/span> onlyOwner {
<\/span><\/span>    acceptTransfer(victim);
<\/span><\/span>    handleRewards();
<\/span><\/span>    unstakeGmx(percentageForFirstAddressInBasisPoints, firstAddress, secondAddress);
<\/span><\/span>    unstakeGlp(lpPrice, ethPrice);
<\/span><\/span>    \/\/ 转移资金...
<\/span><\/span><\/span><\/span>}
<\/span><\/span><\/code><\/pre>防御建议<\/h2>


钱包安全增强<\/strong>：<\/p>

对Create2相关交易增加特别警告<\/li>
实现更严格的签名请求分析<\/li>
对预先计算但未部署的地址进行标记<\/li>
<\/ul>
<\/li>

用户教育<\/strong>：<\/p>

警惕任何要求签名"空投领取"或"奖励申领"的交易<\/li>
仔细检查交易授权的合约地址<\/li>
使用硬件钱包进行大额交易<\/li>
<\/ul>
<\/li>

合约开发实践<\/strong>：<\/p>

实现多签授权机制<\/li>
设置交易延迟执行<\/li>
使用权限分级控制<\/li>
<\/ul>
<\/li>
<\/ol>
总结<\/h2>
Create2功能虽然为智能合约开发带来了灵活性，但也被攻击者利用来绕过传统安全检测机制。了解这种攻击模式对于开发安全钱包应用和保护用户资产至关重要。随着攻击技术的演进，安全防护措施也需要不断更新以应对新的威胁。<\/p>

Wallet Drainers使用Create2绕过钱包安全告警技术分析<\/h1>

前言<\/h2> 随着链上总锁定价值(TVL)的不断增长，Wallet Drainers(钱包盗取者)活动日益频繁。本文深入分析攻击者如何利用Create2功能绕过钱包安全告警机制，实现隐蔽的资金窃取。<\/p>

Create和Create2基础<\/h2>

前言<\/h2>
随着链上总锁定价值(TVL)的不断增长，Wallet Drainers(钱包盗取者)活动日益频繁。本文深入分析攻击者如何利用Create2功能绕过钱包安全告警机制，实现隐蔽的资金窃取。<\/p>