A reentrancy attack allows an attacker to repeatedly execute a specific function within a smart contract before the previous execution of that function has completed.
A reentrancy attack exploits a type of vulnerability that occurs in smart contract-based systems, particularly on the Ethereum blockchain. It allows an attacker to repeatedly execute a specific function within a smart contract before the previous execution of that function has completed, potentially leading to unauthorized access to the contract's state and funds. The word reentrancy comes from general computing. Reentrancy occurs each time program execution is interrupted and started again before the first run has finished, with no visible errors even though both runs complete.
Here's how a reentrancy attack works:
Here is a list of some of the exploits of this kind that have been in the spotlight over the last few years:
Still, the most notorious exploit using the reentrancy vulnerability happened on June 17, 2016, when a bad actor siphoned 3.6 million ETH from The DAO's smart contract (about 5% of all ETH at that time). Quite sophisticated, the attack involved creating a child DAO and calling several functions. The hacker managed to transfer funds to his personal wallet only 41 days later.
That being said, not every reentrant behavior can be called a bug. It can turn into a critical security issue if two conditions are met:
To prevent reentrancy attacks, developers can implement various security measures such as:
Reentrancy typically occurs across multiple functions or contracts, so preventing reentrancy within a single function is not enough. You have to finish all state changes before calling an external function. Overall, it's important for developers to thoroughly audit their smart contracts and implement proper security measures to prevent reentrancy attacks and other vulnerabilities.
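The rule of finishing all state changes before calling an external function, shown as an added example that is not taken from any contract the article mentions. The contract and function names (`VaultBase`, `VulnerableVault`, `HardenedVault`, `deposit`, `transfer`, `withdraw`) are hypothetical; the two vaults differ only in the order of the balance update and the external call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; all names here are hypothetical.
abstract contract VaultBase {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // Shares the `balances` state with withdraw(), so a stale balance
    // is visible here too, not only inside withdraw() itself.
    function transfer(address to, uint256 amount) external {
        require(balances[msg.sender] >= amount, "insufficient balance");
        balances[msg.sender] -= amount;
        balances[to] += amount;
    }
}

contract VulnerableVault is VaultBase {
    function withdraw() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw");
        // Interaction before effect: the recipient's code runs while
        // balances[msg.sender] still holds the old value, so a nested call
        // into withdraw() or transfer() acts on credit already being paid out.
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "send failed");
        balances[msg.sender] = 0;
    }
}

contract HardenedVault is VaultBase {
    function withdraw() external {
        uint256 amount = balances[msg.sender];             // check
        require(amount > 0, "nothing to withdraw");
        balances[msg.sender] = 0;                          // effect
        // Interaction last: any nested call into this contract now sees a
        // zero balance in every function that reads `balances`.
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "send failed");
    }
}
```

Because `transfer` reads the same mapping, a lock placed only on `withdraw` would not cover it in `VulnerableVault`; reordering the state update covers both functions at once.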