pcaversaccio/reentrancy-attacks pcaversaccio/reentrancy-attacks

  • Stars
    star
    1,287
  • Rank 36,546 (Top 0.8 %)
  • Language
  • License
    GNU Affero Genera...
  • Created over 2 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
pcaversaccio/reentrancy-attacks
github

pcaversaccio

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A chronological and (hopefully) complete list of reentrancy attacks to date.

โš”๏ธ A Historical Collection of Reentrancy Attacks

๐Ÿ‘ฎโ€โ™‚๏ธ Sanity checks License: AGPL v3

๐Ÿ“Œ Definition of a Reentrancy Attack

Unsafe external call(s) that allow(s) malicious manipulation of the internal and/or associated external contract state(s).

๐Ÿ“š Types of Reentrancy Attacks

  • Single-Function Reentrancy
  • Cross-Function Reentrancy
  • Cross-Contract Reentrancy
  • Cross-Chain Reentrancy
  • Read-Only Reentrancy

๐Ÿ“œ Reentrancy Attacks List

A chronological and (hopefully) complete list of reentrancy attacks to date.

Some of the exploits carried out involve multiple separate transactions as well as multiple victim and exploit contracts. For each attack, I have listed the most affected victim contract, the most critical exploit contract, and the most devastating exploit transaction.

๐Ÿ’ข Disclaimer

Footnotes

  1. To prevent the article from constantly reloading, deactivate JavaScript in your browser. โ†ฉ

  2. We list the attacker's address here for the sake of completeness, but technically the attack was executed with a Near-specific transaction type called "Batch Transaction" and not with a specific exploit contract. โ†ฉ

  3. We list the victim contract, the exploit contract, and the exploit transaction on Arbitrum. However, the same exploit was carried out on Optimism with almost the same amount of loss: Victim contract, Exploit contract, Exploit transaction. โ†ฉ

  4. The same exploit hit another victim with almost the same amount of loss: Victim contract. โ†ฉ

  5. The same exploit hit two other victims with almost the same amount of loss: Victim contract 2, Victim contract 3. โ†ฉ

  6. We list the victim contract, the exploit contract, and the exploit transaction on Optimism. However, the same exploit was carried out on Ethereum, albeit with a smaller loss amount: Victim contract, Exploit contract, Exploit transaction. โ†ฉ

  7. We list the victim contract, the exploit contract, and the exploit transaction on Polygon. However, the same exploit was carried out on Ethereum, albeit with a smaller loss amount: Victim contract, Exploit contract, Exploit transaction. โ†ฉ

  8. The technical post-mortem on the reentrancy lock vulnerability from Vyper can be found here. โ†ฉ

More Repositories

1

snekmate

State-of-the-art, highly opinionated, hyper-optimised, and secure ๐ŸVyper smart contract building blocks.
Solidity
493
star
2

xdeployer

Hardhat plugin to deploy your smart contracts across multiple EVM chains with the same deterministic address.
Solidity
434
star
3

createx

Factory smart contract to make easier and safer usage of the `CREATE` and `CREATE2` EVM opcodes as well as of `CREATE3`-based (i.e. without an initcode factor) contract creations.
Solidity
293
star
4

create2deployer

Helper smart contract to make easier and safer usage of the `CREATE2` EVM opcode.
TypeScript
274
star
5

hardhat-project-template-ts

A fully-fledged Hardhat project template based on TypeScript.
TypeScript
209
star
6

malleable-signatures

This repository implements a simplified PoC that demonstrates how signature malleability attacks using compact signatures can be executed.
Solidity
105
star
7

ecdsa-nonce-reuse-attack

This repository implements a Python function that recovers the private key from two different signatures that use the same random nonce during signature generation.
Python
84
star
8

tornado-cash-exploit

This repository implements a simplified PoC that showcases how a contract can morph. A similar approach was used as part of the governance attack on Tornado Cash in May 2023.
Solidity
48
star
9

metatx

A smart contract to enable ERC-20 token meta-transactions on Ethereum.
JavaScript
45
star
10

escrow-contract

A simple multilateral escrow smart contract for ETH and ERC-20 tokens governed by Cobie.
TypeScript
37
star
11

raw-tx

Three scripts to ordinary generate, EIP-4844-type generate, and execute a signed raw transaction with `ethers`.
TypeScript
30
star
12

torn-detector

Detect if a contract has been deployed in the latest (or predefined) block from an address that was previously funded through Tornado.Cash.
TypeScript
22
star
13

solidity-games

A repository for Solidity-based smart contract games.
Solidity
21
star
14

meth

The moment you Rust, you should look for your Mojo ๐Ÿ”ฅ.
21
star
15

batch-distributor

Helper smart contract for batch sending both native and ERC-20 tokens.
TypeScript
20
star
16

p256-verifier-vyper

P256 (a.k.a. secp256r1 elliptic curve) signature verification ๐ŸVyper contract.
Vyper
19
star
17

create-util

Helper smart contract to make easier and safer usage of the `CREATE` EVM opcode.
TypeScript
19
star
18

mnemonic-to-private-key

A JavaScript script that converts the mnemonic phrase into a wallet private key using the ethers.js library.
JavaScript
15
star
19

ethereum-key-generation-python

Generating Ethereum addresses in Python.
Python
13
star
20

pcaversaccio

My public profile.
12
star
21

fork-testing-evm-compatibility

This repository implements a simple fork test on Optimism that proves that the EVM behaviour of the forked chain is not identically replicated locally.
Solidity
12
star
22

erc20-permit-upgradeable

Permit-enabled, upgradeable ERC20 smart contract template.
TypeScript
11
star
23

erc20-oz-sdk

How to deploy an ERC20 smart contract using OpenZeppelin SDK and write a TokenExchange smart contract.
Solidity
7
star
24

zksync-vyper-sandbox

A sandbox environment for ZKsync Era Vyper compiler testing.
TypeScript
7
star
25

mass-key-generation

A repository for mass public-private key generation (Bitcoin & Ethereum).
Java
7
star
26

tornado-cash-ether-withdrawal-decipherer

Deciphering the ether transactions in the Tornado.Cash withdrawals.
JavaScript
7
star
27

bitsquatting

Helper script for generating permutations of an ENS domain that differ by 1-bit from the original domain.
Python
7
star
28

gpg-sign-and-encrypt

This guide explains how to sign and encrypt an email using the `gpg` (GNU Privacy Guard) tool from the command line.
7
star
29

ethereum-key-generation

A repository that shows how to generate a private / public key pair using web3.js or HD wallets.
JavaScript
5
star
30

tokenbridge-helium-ethereum

A tokenbridge between the Helium blockchain (native network) and the Ethereum blockchain (foreign network).
4
star
31

chainlink-price-feed

Retrieve the ETH/USD price feed from Chainlink's oracle using Infura.
JavaScript
4
star
32

connection-vscode-to-google-colab-gpus

A step-by-step guide to connecting the local Visual Studio Code to Google Colab's GPU runtime.
4
star
33

pool-viewer

Similar to an ETH2 block explorer, but focused only on recent data.
2
star
34

pcaversaccio.github.io

My personal website.
HTML
2
star
35

payfoot-token-contract

This is PayFoot's ERC-20 smart contract, whose tokens are used as stablecoins in their ecosystem.
JavaScript
2
star
36

configurations

Monorepo for my personal configurations.
Shell
2
star
37

startfeld-token-contract

This is Startfeld's ERC-20 smart contract, whose tokens are used as vouchers in their ecosystem.
JavaScript
2
star
38

randao-distribution

Empirical distribution of the randomness beacon (=RANDAO) provided by the Beacon chain.
Python
2
star
39

porini-community-token-contract

This is Porini's ERC-20 smart contract, whose tokens can activate communities to support conservation activities and learn about blockchain technology.
JavaScript
2
star
40

impact-dollar-token-contract

This is Impact Dollar's ERC-20 smart contract, whose tokens can deliver a demonstrable contribution to conservation and protected areas through digital collectibles.
JavaScript
2
star
41

block-explorer-swissdlt

A block explorer for the Swiss DLT blockchain.
TypeScript
1
star
42

interface-solc-test

Solidity
1
star
43

saentis-gulden-token-contract

This is Sรคntis Gulden's ERC-20 smart contract, whose tokens are used as vouchers in their ecosystem.
JavaScript
1
star
44

ath-erc20-token

Smart contract of the Alethena (ATH) token.
1
star
45

telegram-group-counter

A simple Python script to check how many Telegram groups a user is in.
Python
1
star