Denial of Service

Attacks that prevent legitimate users from accessing or using protocol functions.

What is Denial of Service?

A denial of service (DoS) attack in DeFi prevents legitimate users from accessing or using protocol functions. Unlike traditional DoS attacks that overwhelm servers, smart contract DoS attacks exploit code vulnerabilities to make functions permanently unusable, lock funds, or make operations prohibitively expensive. These attacks may not steal funds directly but can cause significant damage.

How it Works

Smart contract DoS attacks exploit various mechanisms to prevent normal operation.

Common DoS attack patterns include:

  1. Block Gas Limit: Make functions require more gas than fits in a block
  2. Unexpected Reverts: Force failures in loops that must complete
  3. External Call Failures: Depend on calls that always revert
  4. Self-Destruct Interference: Destroy contracts that others depend on
  5. Front-Running: Prevent specific transactions from executing
  6. Griefing: Make operations expensive or slow without profit motive

These attacks range from temporary inconveniences to permanent fund locks.

Practical Example

The GovernMental Ponzi scheme on Ethereum demonstrated a costly DoS scenario: refunding all participants required more gas than was available in a block, locking 1,100 ETH. The King of the Ether throne game suffered a DoS when a contract king could reject ETH transfers, preventing anyone from claiming the throne. The Akutars NFT mint permanently locked $34 million when a DoS vulnerability in the refund mechanism prevented fund recovery.

Why it Matters

DoS vulnerabilities may not grab headlines like fund thefts, but they can permanently lock funds or render protocols unusable. Developers must avoid unbounded loops, handle external call failures gracefully, and consider adversarial users in all designs. Users should be aware that some protocols carry DoS risks that could temporarily or permanently lock their funds.
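
The "unexpected revert" pattern and its usual fix, shown side by side as an added example (not code from King of the Ether or any other project named on this page). The contract names PushThrone and PullThrone and the pendingRefunds mapping are hypothetical, and the throne rules are simplified to "highest payment becomes king".

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Weak form: the previous king is refunded inside claim(). If that king is a
// contract that rejects incoming ETH, every later claim() reverts as well.
contract PushThrone {
    address public king;
    uint256 public price;

    function claim() external payable {
        require(msg.value > price, "bid too low");
        address previous = king;
        uint256 refund = price;
        king = msg.sender;
        price = msg.value;
        if (previous != address(0)) {
            (bool ok, ) = payable(previous).call{value: refund}("");
            require(ok, "refund failed"); // one failing recipient blocks everyone
        }
    }
}

// Hardened form: claim() only records what is owed. Each recipient pulls
// their own refund, so a failing recipient affects only themselves.
contract PullThrone {
    address public king;
    uint256 public price;
    mapping(address => uint256) public pendingRefunds; // hypothetical ledger

    function claim() external payable {
        require(msg.value > price, "bid too low");
        if (king != address(0)) {
            pendingRefunds[king] += price; // no external call on this path
        }
        king = msg.sender;
        price = msg.value;
    }

    function withdraw() external {
        uint256 amount = pendingRefunds[msg.sender];
        require(amount > 0, "nothing to withdraw");
        pendingRefunds[msg.sender] = 0; // clear before the external call
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "withdraw failed");
    }
}
```

The same separation applies to refund loops: recording balances and letting each user withdraw removes both the unbounded loop and the dependency on every recipient accepting the transfer.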

Fensory evaluates protocol resilience and historical operation reliability, helping users identify projects with robust designs that resist denial of service attacks.

Examples

  • Akutars NFT permanently locked $34 million due to a DoS vulnerability in refunds
  • King of the Ether suffered a DoS attack when contract kings rejected transfers
