EVM Exploit November 6, 2017 4 min read

Selfdestruct Vulnerability Exploit Generator

Sigvex exploit generator that validates selfdestruct vulnerabilities including unprotected self-destruction, library-based destruction (Parity-style), and forced ETH reception.

evmaccess-controlexploit-generator

Selfdestruct Vulnerability Exploit Generator

Overview

The selfdestruct vulnerability exploit generator validates findings where the SELFDESTRUCT opcode is reachable without sufficient access control. The generator identifies which sub-type of selfdestruct vulnerability applies — unprotected destruction, library destruction (the Parity pattern), or forced ETH reception — and produces a targeted proof of concept for each.

The canonical historical example is the Parity Wallet hack #2 (November 2017), where an attacker initialized the shared WalletLibrary contract directly (bypassing the proxy), became its owner, and called kill(). This destroyed the shared library, rendering 587 dependent wallets permanently non-functional and freezing 513,774 ETH (~$150M at the time) forever.

Note: Exploit generation in Sigvex is for vulnerability validation purposes only.

Attack Scenario

The generator classifies the vulnerability from the finding’s description field and runs the matching attack path:

Unprotected selfdestruct:

Contract has a kill(address payable recipient) function with no onlyOwner modifier.
Attacker calls kill(attackerAddress) directly.
Contract balance (100 ETH) is transferred to the attacker.
Contract bytecode is erased. All future calls to the contract address are no-ops.
Any contracts that depend on this address stop functioning.

Library selfdestruct (Parity-style):

A proxy wallet calls a shared WalletLibrary via DELEGATECALL.
The library has initWallet(address) with an initialized guard — but the guard only applies in the library’s own storage, not in the proxy’s storage.
The attacker calls initWallet(attackerAddress) directly on the library (not through a proxy).
The library’s initialized flag is false (it is only set in proxy storage during legitimate use), so the call succeeds.
The attacker is now owner in the library’s storage.
The attacker calls kill(attackerAddress) on the library.
The library is destroyed. All 587 proxy wallets now DELEGATECALL into empty code and all their functions permanently revert.

Forced ETH reception (balance invariant break):

A victim contract uses require(address(this).balance == totalDeposits) as an invariant.
The attacker deploys ForcedEtherExploit and funds it with 1 ETH.
The attacker calls attack(), which calls selfdestruct(payable(target)).
SELFDESTRUCT force-sends ETH to the target, bypassing receive() and fallback().
address(target).balance is now greater than totalDeposits.
The invariant check fails permanently, locking all withdrawals.

Exploit Mechanics

The generator parses the finding description to select a vulnerability type:

Description contains	Selected type	Severity
”library” or “delegatecall”	`library_selfdestruct`	Critical: can freeze all dependent contracts
”unprotected” or “access”	`unprotected_selfdestruct`	High: direct fund theft
”force”	`forced_ether_reception`	Medium: invariant break
(other)	`general_selfdestruct`	High

The generator uses ExploitTestResult::success with an estimated 50,000 gas and attaches vulnerability_type to the evidence map. The PoC is a complete Solidity demonstration covering all three patterns.

The Parity-style attack is demonstrated as:

contract ParityStyleExploit {
    WalletLibrary public targetLibrary;

    function attack() public {
        // Step 1: Initialize library directly (not through proxy)
        targetLibrary.initWallet(address(this));
        require(targetLibrary.owner() == address(this));

        // Step 2: Destroy the library
        targetLibrary.kill(payable(msg.sender));

        // Result: 587 wallet proxies permanently broken
    }
}

Remediation

Detector: Selfdestruct Detector
Remediation Guide: Selfdestruct Remediation

The recommended approach is to avoid SELFDESTRUCT entirely. As of EIP-6049, SELFDESTRUCT is deprecated and future Ethereum hard forks may alter or remove its functionality.

// INSTEAD OF selfdestruct: use emergency withdrawal + lock
contract SecureContract {
    address public owner;
    bool public locked;

    modifier onlyOwner() { require(msg.sender == owner); _; }

    function emergencyWithdraw() public onlyOwner {
        locked = true; // prevent future operations
        payable(owner).transfer(address(this).balance);
    }
}

// For libraries: NEVER include selfdestruct
// Libraries should be stateless and immutable

For the balance invariant issue, use internal accounting instead of address(this).balance:

// INSTEAD OF: require(address(this).balance == totalDeposits)
// USE:
mapping(address => uint256) public balances;
// Only track what went through deposit(), not raw ETH balance

References

SWC-106: Unprotected SELFDESTRUCT Instruction (Parity pattern)
EIP-6049: Deprecate SELFDESTRUCT
SWC-106: Unprotected SELFDESTRUCT Instruction
Consensys: Force-Feeding ETH

EVM Attack Pattern

Access Control Bypass

How attackers exploit missing or improper access restrictions on critical functions — responsible for over $1.3 billion in DeFi losses including the largest hack in history.

EVM Detector

Access Control

Detects missing or improperly implemented access controls on privileged functions, allowing unauthorized callers to execute restricted operations.

EVM Exploit

Access Control Bypass Exploit Generator

Sigvex exploit generator that validates missing access control by calling privileged functions from an unauthorized address and checking for storage mutations.

EVM Exploit

Bridge Message Manipulation Exploit Generator

Sigvex exploit generator that validates cross-chain bridge vulnerabilities including message replay, cross-chain replay, and Nomad-style uninitialized state exploitation.

EVM Exploit

Centralization Risks Exploit Generator

Sigvex exploit generator that validates centralization risk findings by classifying the specific privilege type and documenting the trust assumptions and attack scenarios enabled by single-owner control.

EVM Exploit

Cross-Chain Balance Inconsistency Exploit Generator

Sigvex exploit generator that validates cross-chain bridge balance inconsistency vulnerabilities including replay attacks, non-atomic operations, weak proof verification, and finality exploits that allow token supply inflation on the destination chain.

EVM Exploit

Default Visibility Exploit Generator

Sigvex exploit generator that validates default visibility vulnerabilities in Solidity contracts where missing visibility modifiers default to public, exposing sensitive initialization and admin functions.

EVM Exploit

tx.origin Authentication Exploit Generator

Sigvex exploit generator that validates tx.origin authentication vulnerabilities by simulating a phishing scenario where an intermediary contract calls the victim with the owner's tx.origin.

EVM Exploit

Validator/Relayer Compromise Exploit Generator

Sigvex exploit generator that validates bridge validator and relayer compromise vulnerabilities including low M-of-N thresholds, key management failures, centralized relayers, and missing validator rotation — with the Ronin Bridge ($625M) as the canonical attack scenario.

EVM Remediation

Access Control Remediation

How to implement proper access controls on privileged functions using ownership patterns, role-based access, and multi-signature authorization.

EVM Remediation

Arbitrary Storage Write Remediation

How to eliminate arbitrary storage write vulnerabilities by removing user-controlled assembly SSTORE operations, using Solidity mappings, and enforcing slot allowlists for unavoidable inline assembly.

EVM Remediation

Bridge Message Remediation

How to secure cross-chain bridge message processing by implementing nonce-based replay protection, chain ID binding, explicit state initialization, and validator threshold requirements.

EVM Remediation

Centralization Risks Remediation

How to reduce centralization risk through timelocks, multi-signature wallets, on-chain governance, and hard-coded parameter caps that protect users from compromised or malicious admins.

EVM Remediation

Cross-Chain Balance Inconsistency Remediation

How to eliminate cross-chain bridge balance vulnerabilities by implementing proof deduplication, deep finality requirements, Merkle proof verification, and the lock-and-mint pattern.

EVM Remediation

Default Visibility Remediation

How to eliminate default visibility vulnerabilities by always specifying explicit visibility modifiers on all functions and state variables, and upgrading to Solidity 0.5.0+ which enforces this at compile time.

EVM Remediation

ERC20 Violations Remediation

How to eliminate ERC20 integration vulnerabilities by using SafeERC20 for all token operations, measuring actual received amounts for fee-on-transfer tokens, and handling non-standard token behaviors such as missing return values and rebase mechanics.

EVM Remediation

Use the Sign In button in the navigation bar.

Sigvex

Advanced bytecode decompilation and security analysis across multiple runtimes. Detect vulnerabilities, exploits, and reverse-engineer smart contracts directly on-chain.

Product

Features
How It Works
Pricing

Resources

Knowledge Base
Research
Blog

Company

About
Contact
Security

Legal

Terms of Service
Privacy Policy
Cookie Policy
Acceptable Use

Built for developers, by developers.