Delegate Call Code vulnerabilities

From WEB3 Vulnerapedia
Jump to navigation Jump to search

How Delegate Calls works?

When a DELEGATECALL is made, the context is retained to the called contract, which retains the msg.sender, msg.value and affects the storage of the caller contract.

Here's a table showing the context of the DELEGATECALL, initiated by an EOA calling contract A that DELEGATECALLs contract B.

Contract A Contract B
msg.sender EOA address EOA address
msg.value EOA send value EOA send value
storage Contract A Contract A

Vulnerabilities

Storage Collision

Multi Delegateecall Pattern Vulnerabilities

Retrieved from "https://wiki.r.security/w/index.php?title=Delegate_Call_Code_vulnerabilities&oldid=1273"