Reentrancy Attack

From CryptoWiki

Revision as of 11:42, 22 April 2020 by wiki_crypto>Zeb.dyor (Created page with "* This happened with the DAO hack and also twice in April 2020 with Uniswap and dForce. * [https://thedefiant.substack.com/p/hackers-steal-25-million...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

"The core of the attack is called reentrancy: The possibility for a smart contract function to be executed multiple times concurrently, which might bring state inconsistencies if the function is not implemented properly.

What is Reentrancy anyway? Contracts interact. To be able to move your DAI or USDC from Compound to Aave or MakerDAO, for example, the smart contracts of each of these platforms interact with other contracts that define the currencies being used, in this case the DAI contract and the USDC contract. This complex network of interactions allows developers to implement all the beautiful things we see running on Ethereum. Everything works well when the contracts that interact trust each other. But what if we put in the middle of these interactions a malicious actor?"