MultiversX Entry Point Analyzer
This skill helps you identify the attack surface of a smart contract by enumerating all public interaction points.
1. Identification
Scan for multiversx_sc macros that expose functions:
- •
#[endpoint]: Public write function. High Risk. - •
#[view]: Public read function. Low risk (unless used on-chain). - •
#[payable("*")]: Accepts EGLD/ESDT. Critical Risk (value handling). - •
#[init]: Constructor. - •
#[upgrade]: Upgrade handler. Critical Risk (migration logic).
2. Risk Classification
A. Non-Payable Endpoints
Functions that change state but don't accept value.
- •Check: Is there
require!? Who can call this (Owner only?)? - •Risk: Unauthorized state change.
B. Payable Endpoints (#[payable("*")])
Functions receiving money.
- •Check:
- •Does it use
self.call_value().all_esdt_transfers()? - •Is
amount > 0checked? - •Are token IDs validated?
- •Does it use
- •Risk: Stealing funds, accepted fake tokens.
C. Views
- •Check: Does it modify state? (It shouldn't, but Rust allows interior mutability or misuse).
3. Analysis Workflow
- •List all Entry Points.
- •Tag Access Control:
OnlyOwner,Whitelisted,Public. - •Tag Value handling:
Refusable,Payable. - •Graph Data Flow: Which storage mappers do they touch?
4. Specific Attacks
- •Privilege Escalation: Is a sensitive endpoint accidentally public?
- •DoS: public endpoint inserting into UnorderedSetMapper (unbounded growth).