-
Notifications
You must be signed in to change notification settings - Fork 133
List of Security Vulnerabilities
Denis Bogdanas edited this page Jan 23, 2019
·
12 revisions
This page contains a comprehensive list of common smart contract security vulnerabilities, compiled from various sources. We use it as our reference list for security audits. In this page we only include basic information. Please click the links in sub-titles to see more details for each attack.
1. Re-Entrancy
happens when a contract A calls a malicious external contract B as part of its operation, which recursively calls A again. Consequently, a transaction that would normally be allowed to run only once, can be executed multiple times. To prevent this sort of attack, contract A must modify its internal state before calling B, in such a way as to detect and prevent re-entrancy.