Demystifying Reentrancy Attacks on Smart Contracts: Understanding Types and Mitigations
Authors (Affiliation): Ravirajsinh Vaghela (School of Cyber Security & Digital Forensics, National Forensic Sciences University)
Abstract:

Smart contract reentrancy attacks proved how severe they can be with the DAO attack and its devastating impact on the overall Ethereum blockchain network and its security posture. Understanding the intricacies and vulnerabilities involved in these reentrancy attacks is a herculean task for newcomers with little exposure to smart contracts. This paper therefore aims to serve as an elementary resource for gauging the depth of these attacks, presenting an approach that is accessible to the layman yet technically apt. It begins by capturing the complex varieties of these attacks, classifying them into Cross-function, Cross-contract, Read-only and Cross-chain reentrancy attacks; the accompanying attack flow/strategy diagrams serve as an abstract aid to understanding. It also exemplifies the variety of mitigations, ideal programming practices and active tools to counter these attacks. By covering both the attack intricacies and the associated defenses, it serves as an ideal elementary go-to resource for understanding smart contract reentrancy attacks.

Keywords: Smart Contract; Reentrancy; Cross-Function; Cross-Contract; Cross-Chain
Vol & Issue: Special Issue - 1 (The Proceeding of ICRBDC - 2024), February 2024