Smart Contract / Reentrancy

Description

Reentrancy is a type of vulnerability that occurs in Smart Contracts, specifically in Solidity-based languages (SWC). It is a type of attack in which an attacker can repeatedly call a vulnerable function on a contract and access the internal state of the contract. The attacker can use this access to siphon funds from the contract or modify the internal state. Reentrancy is classified as CWE-400 in the Common Weakness Enumeration (CWE) directory. It is also described in the OWASP Testing Guide, which explains how to detect and protect against reentrancy attacks.

Risk

Reentrancy attacks are a serious risk to Smart Contracts, as they can result in significant losses of funds or data. They can also lead to other security incidents, such as data leakage or unauthorized access to confidential data. Reentrancy attacks are difficult to detect and can be difficult to defend against.

Solution

The best solution to prevent reentrancy attacks is to use a well-defined coding standard. The standard should include checks to ensure that the contract code is free from reentrancy vulnerabilities. Additionally, developers should use defensive programming practices, such as using mutex locks and using explicit return statements, to avoid reentrancy vulnerabilities.

Example

The following code example is taken from CVE-2018-10299 and demonstrates a reentrancy vulnerability. The vulnerability occurs when an attacker is able to call the reenter() function multiple times in a row. This allows the attacker to access the internal state of the contract and modify it.

contract Reentrancy {
    function reenter() public returns (bool) {
        // Code that can access the internal state
        return true;
    }
}