13. Reentrancy Attack

Problem

  • If we call a function of another contract in the middle of a withdraw, the other contract may have malicious function which may recalls the withdraw function again and again resulting in draining of all the funds

  • https://solidity-by-example.org/hacks/re-entrancy/

Solution (Easy Way)

  • Always call another contract in the last step of transaction

  • Updated balances (change state) before calling another contract

Solution (Mutex)

  • Use a mutex

  • Openzepplin provides a way to safeguard i.e a Modifier

Previous12. NFTs | EncodingNextBackend

Last updated