Single Function Reentrancy

From WEB3 Vulnerapedia

A single-function reentrancy attack occurs when the vulnerable function is the very function the attacker re-enters: the external call inside it hands control back to the caller, who invokes the same function again before its state update has run.

// UNSECURE
function withdraw() external {
    uint256 amount = balances[msg.sender];
    // External call to the caller happens BEFORE the balance is cleared;
    // a contract caller can re-enter withdraw() from its receive/fallback.
    (bool success,) = msg.sender.call{value: amount}("");
    require(success);
    // Effect is applied only after the interaction: too late.
    balances[msg.sender] = 0;
}

Here the balance is modified only after the funds have been transferred. Because `msg.sender.call` hands execution to the recipient, a malicious contract can call `withdraw()` again from its fallback while its balance still shows the original amount, repeating this until the contract is drained. The fix is the checks-effects-interactions pattern: validate inputs, update state (set the balance to 0), and only then make the external call, optionally backed by a reentrancy guard.

Source

https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/reentrancy.md

https://medium.com/coinmonks/protect-your-solidity-smart-contracts-from-reentrancy-attacks-9972c3af7c21