Reentrancy Attack
What is Reentrancy Attack?
A smart-contract exploit where an external call lets the attacker re-enter the calling function before its state is updated, draining funds in a recursive loop.
Reentrancy happens when a contract sends ETH or tokens to an external address (often via call, transfer, or an ERC-777 hook) before it has updated its own internal accounting. The attacker controls that external address and uses the callback to invoke the original withdrawal function again, repeating the cycle until the contract is drained. Variants include single-function, cross-function, cross-contract, and read-only reentrancy. Mitigations include the checks-effects-interactions pattern, OpenZeppelin's ReentrancyGuard, pull-payment designs, and avoiding low-level calls to untrusted contracts. The 2016 attack on The DAO is the canonical example and led to the Ethereum/Ethereum Classic hard fork.
● Examples
- The DAO hack (June 2016) drained about 3.6 million ETH using recursive splitDAO calls.
- The Cream Finance 2021 hot-fix incident exploited cross-function reentrancy via ERC-777 callbacks.
● Frequently asked questions
What is Reentrancy Attack?
A smart-contract exploit where an external call lets the attacker re-enter the calling function before its state is updated, draining funds in a recursive loop. It belongs to the Web3 & Blockchain category of cybersecurity.
What does Reentrancy Attack mean?
A smart-contract exploit where an external call lets the attacker re-enter the calling function before its state is updated, draining funds in a recursive loop.
How does Reentrancy Attack work?
Reentrancy happens when a contract sends ETH or tokens to an external address (often via call, transfer, or an ERC-777 hook) before it has updated its own internal accounting. The attacker controls that external address and uses the callback to invoke the original withdrawal function again, repeating the cycle until the contract is drained. Variants include single-function, cross-function, cross-contract, and read-only reentrancy. Mitigations include the checks-effects-interactions pattern, OpenZeppelin's ReentrancyGuard, pull-payment designs, and avoiding low-level calls to untrusted contracts. The 2016 attack on The DAO is the canonical example and led to the Ethereum/Ethereum Classic hard fork.
How do you defend against Reentrancy Attack?
Defences for Reentrancy Attack combine technical controls with operational practices: order code as checks-effects-interactions so state is updated before any external call, add a reentrancy guard such as OpenZeppelin's ReentrancyGuard, prefer pull-payment designs over pushing funds, avoid low-level calls to untrusted contracts, and have the code independently audited before launch or upgrade.
What are other names for Reentrancy Attack?
Common alternative names include: Recursive call attack.
● Related terms
- Smart Contract Security (web3): The practice of designing, reviewing, and operating on-chain programs so they cannot be exploited to steal funds, freeze logic, or violate intended business rules.
- Smart Contract Audit (web3): An independent security review of smart-contract source code, deployment configuration, and economic design to find vulnerabilities before launch or upgrade.
- Flash Loan Attack (web3): A DeFi exploit that borrows a massive uncollateralised flash loan within one transaction to manipulate prices or governance and steal funds before the loan is repaid.
- Blockchain Security (web3): The discipline of protecting distributed ledgers, their consensus mechanisms, smart contracts, and surrounding infrastructure from compromise, fraud, and theft.
- Race Condition (vulnerabilities): A defect where the security or correctness of a system depends on the timing or ordering of concurrent operations, allowing attackers to interleave actions and bypass checks.
- Oracle Manipulation (web3): An attack that distorts the price or data feed used by a smart contract so the contract makes wildly wrong decisions about lending, liquidations, or settlement.