Reentrancy Attack in Solidity
This is a simple demonstration of reentrancy attack in solidity
Reentrancy attacks are one of the most dangerous threats to be aware of when implementing smart contracts with Solidity. They’re dangerous for two reasons: they can exhaust your smart contract’s ether and, if you’re not careful, they can find their way into your code.
Demonstrating the attack using Banking contract and Attacker contract.
Banking contract code
Here we have three functions
- Deposit
- Withdraw
- Balance
Attacker Code
The attacker use attack function to call the withdraw function in Bank contract. The withdraw function next execute the fallback function in attacker contract. This can can exhaust your smart contract’s ether.
How to prevent Reentrancy attack
This modifier check the status of internal variable lock. If the attacker try to use Reentrancy attack, the modifier will check the lock condition and terminate the attack.
Full code
