A reentrancy attack is an exploit in which an attacker takes advantage of the asynchronous nature of certain operations in a smart contract to repeatedly call a function before the previous call is complete.
This loophole allows actions intended to occur only once to be executed repeatedly, enabling attackers to manipulate the contract's state and leading to unexpected behaviour and potential asset theft.
A typical reentrancy attack happens when attackers use their own smart contract to exploit loopholes in a protocol's smart contract and drain funds by repeatedly calling the same withdraw function, which the vulnerable smart contract honours without updating its balance.
This attack entered the spotlight in 2016 following the high-profile exploit of Ethereum DAO, an incident that eventually led to the creation of Ethereum Classic.
More recently, protocols such as Rari Capital/Fei (2022) and KyberSwap (2023) fell victim to reentrancy attacks, suffering $80m and $47m in losses respectively.
This article dives deep into reentrancy attacks and recent variations such as read-only reentrancy attacks.
A classic reentrancy attack is possible when the order in which a smart contract is set up to handle transactions goes like this:
This sequence is known as “the check-interaction-effects code pattern”. The problem is the time gap the vulnerable smart contract creates between sending the funds and updating the balance: it opens a window in which an attacking smart contract can make another call to withdraw funds.
Due to this loophole, the vulnerable smart contract does not update its balance; instead, it just keeps sending funds until everything is drained.
This is a relatively new variation of reentrancy attack that targets view functions that contain reentrancy vulnerabilities.
While these functions do not alter the contract's state, they serve essential roles such as reporting token values.
By exploiting the reentrancy vulnerability, the attacker can manipulate these values or cause the contract to report outdated values of tokens. This enables them to exploit smart contracts that rely on these values.
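A view function that can be read in a half-updated state, beside a guarded version of the same view. This is an added example, not code from the article or from any protocol it names; SharePool and its functions are hypothetical, and the share pricing is deliberately simplified.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; all names are hypothetical.
contract SharePool {
    uint256 public totalAssets;   // wei the pool accounts for
    uint256 public totalShares;
    mapping(address => uint256) public shares;
    bool private locked;

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable nonReentrant {
        uint256 minted = totalShares == 0 ? msg.value : (msg.value * totalShares) / totalAssets;
        totalAssets += msg.value;
        totalShares += minted;
        shares[msg.sender] += minted;
    }

    // The lock blocks re-entry into deposit/withdraw, but the callback below
    // still runs after shares are burned and before totalAssets is reduced.
    function withdraw(uint256 amount) external nonReentrant {
        uint256 payout = (amount * totalAssets) / totalShares;
        shares[msg.sender] -= amount;
        totalShares -= amount;
        (bool ok, ) = msg.sender.call{value: payout}("");
        require(ok, "transfer failed");
        totalAssets -= payout;
    }

    // Unguarded view: read during the callback, it mixes the old totalAssets
    // with the new totalShares and reports a price that matches neither state.
    function pricePerShareUnsafe() external view returns (uint256) {
        return totalShares == 0 ? 1e18 : (totalAssets * 1e18) / totalShares;
    }

    // Guarded view: reverts while a state-changing call is in progress,
    // so contracts that depend on the price cannot read a half-updated value.
    function pricePerShare() external view returns (uint256) {
        require(!locked, "pool mid-update");
        return totalShares == 0 ? 1e18 : (totalAssets * 1e18) / totalShares;
    }
}
```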
Mono-function reentrancy: This is the most basic and classic variation of a reentrancy attack. It occurs when a single function within a smart contract falls prey to repeated recursive calls before the completion of previous invocations.
Cross-function reentrancy: This involves the recursive invocation of multiple functions within a smart contract. It becomes feasible when a vulnerable function shares state with another function that benefits the attacker. Exploiting the asynchronous nature of smart contracts, the attacker persistently calls back into multiple susceptible functions.
Cross-contract reentrancy: This attack usually occurs when multiple contracts share the same variable and some update the shared variable insecurely.
Rari Capital/Fei Protocol Reentrancy Attack
In 2022, the DeFi lending protocol lost $80 million worth of assets when an attacker, utilising flash loans, exploited a loophole in the protocol.
The $80m loot consisted of ETH, DAI, USDC, FRAX, UST and others.
DForce Read-Only Reentrancy Attack
The DeFi lending protocol was exploited for $3.7m via a read-only reentrancy attack. The attacker targeted the protocol’s Curve Finance vault on the Arbitrum and Optimism blockchains. A reentrancy vulnerability existed in code that was used to access price oracles when using Curve on Arbitrum or Optimism.
To exploit the vulnerability, the attacker deposited funds obtained from flash loans and then removed their deposit. During this removal, the attacker exploited a reentrancy vulnerability to manipulate the perceived virtual price of the asset. By driving down the virtual price, the attacker was able to liquidate other users’ positions in the wstETH/ETH pool.
As a result, the attacker was able to steal approximately $3.6 million from the protocol.
In 2023, a bug in some outdated versions of the Vyper programming language led to reentrancy vulnerabilities in protocols utilising these versions.
One notable protocol affected was Curve Finance, resulting in the exploitation of liquidity pools on the platform. Ultimately, a total of $50.4 million was stolen from pools associated with Alchemix, JPEG’D, and the Metronome protocol.
This incident serves as a reminder of the need for constant updating, keeping up with industry best practices and regular auditing of smart contracts/crypto-related systems.
A third-party smart contract security audit is one of the most potent ways of detecting and preventing reentrancy vulnerabilities.
[Author’s Note: This article does not represent financial advice, everything written here is strictly for educational and informational purposes. Please do your own research before investing.]
Author: Godwin Okhaifo