72. Reentrancy Attack on smart contracts: a threat to blockchain security!

Blockchain is a revolutionary technology that has introduced many innovations in finance and beyond. However, like any technology, it is vulnerable to various threats, including the so-called Reentrancy Attack on smart contracts. In today’s lesson, we will cover exactly what a re-entry attack is, how it works and how you can defend against it.

What is Reentrancy Attack? Definition.

As the name suggests, reentrancy ro a type of attack that can occur in intelligent contracts.From our previous lessons, you know that smart contracts allow untrusted external code to be executed as part of the execution of a given contract. This situation can occur when the intelligent contract itself calls an external contract, and this external contract subsequently calls the original contract, causing an endless loop to run.

The reentrancy attack exploits such vulnerabilities in smart contracts and allows an attacker to call a given function multiple times in intelligent contracts. This results in an endless loop of activity and the theft of the funds involved.

An example of such an attack? Here you go. It could be a contract in intelligent contracts that allows users to deposit funds and then withdraw them, only at a later date. In this case, the hacker can call the withdrawal function many times in a row, long before the withdrawal function is called. In this way, he will effectively steal the funds from the contract in question.

We will base the second example, to further understand what a re-entry attack is, on cryptocurrencies. Imagine a smart contract that allows users to send cryptocurrencies to each other. This contract could include a function to transfer funds to other users. However, a problem arises when the function for transferring funds is not properly secured.

An attacker, exploiting this vulnerability, can send a transaction to the contract that calls the funds transfer function and then immediately call the same function before the first call is completed. As a result, the contract does not have time to update user account balances between the two function calls, allowing the attacker to withdraw funds from the contract multiple times.

How does the re-entry attack work?

In practice, the reentrancy attack works as follows:

1. The hacker finds a intelligent contract that is responsible for depositing and withdrawing funds at a later date.
2. The attacker creates a malicious smart contract that loops and calls the escrow function of the actual smart contract.
3. The hacker will then call the ‘withdraw’ function of the specified contract and withdraw the deposited funds.
4. Because a given contract’s deposit function is not adequately protected against this type of attack, the hacker will repeatedly call the deposit function before calling the payout function. As a result, he will effectively steal funds from the smart contract.
5. The attacker will repeat the whole process until he has not stolen as many funds as he wants.

Types of Reentrancy Attack

If you think there is only one type of re-entry attack, you are mistaken. There are several types in the cryptocurrency world. Here they are:

1. Frontrunning attack. This is an example of an attack in which a hacker tracks the blockchain for transactions made that trigger a vulnerable contract. When the attacker catches such a vulnerability, he quickly sends a transaction that triggers the same contract before the original one is processed.
2. Reentrancy Attack depending on the timestamp. This is a type of attack in which a hacker manipulates the time of a block. As a result, he causes the vulnerable contract to be executed in a way that benefits him (for example, stealing funds).
3. Recursive call. A method in which an attacker calls a susceptible smart contract multiple times in a row, Thus causing the contract to execute a previously unintended function multiple times in a row.
4. Cross-Function Call attack. In this case, the hacker calls multiple functions in a vulnerable contract. All, of course, in a specific order in order to trigger a previously unintended action that will benefit him.

How do we protect smart contracts from these types of attacks?

To protect against this type of attack, it is best to use a mutex blocker or mutual exclusion function. The lock prevents the same function from being called multiple times at the same time.

You can also use a protection condition. If such a condition is set on your smart contract, it will not make any, external call and will prevent a reentrant attack.

Another way to prevent re-entry attacks is to check the depth of the call stack. This way you make sure that the contract is not recursively called in any way. And if the contract exceeds a certain depth threshold, the smart contract will stop being executed.

To protect intelligent contracts from Reentrancy Attack you can also use the “require” instruction. This will check the state of a given contract before allowing the function to be executed.

Continuous monitoring of intelligent contracts and updating them is also a good way to protect yourself.

However, it is important for you to remember that these are only some of the ways to protect yourself. To fully protect against re-entry attacks, smart contracts must be audited by industry experts. On top of this, they are extensively tested, further scaling their security.

Examples of re-entry attacks on smart contracts

1. An attack on the lending protocol Lendf.me. The decentralised platform was built on the blockchain Ethereum. The attack took place in 2019, when the attacker discovered a vulnerability in intelligent contract. The vulnerability allowed him to borrow and repay the same loan multiple times. The attacker simultaneously manipulated the price of the underlying assets and, with this procedure, increased the amounts of his loans. As a result, he stole cryptocurrency assets worth more than US$350,000.
2. Siren Protocol. This is another lending platform, built on the blockchain Ethereum. The attacker did exactly the same thing as with Lendf.me. The result? Multiple loans and repayments on the same loan and the theft of more than US$30 million worth of cryptocurrencies.
3. BurgerSwap. It is a decentralised exchange, built on the Binance Smart Chain. The attack took place in 2021, where the attacker exploited a vulnerability in intelligent contracts and borrowed and repaid the same loan multiple times. He also stole assets worth more than $2 million from the platform.
4. DAO Hack. This was an attack on a decentralised investment fund built on the blockchain Ethereum. The hacker discovered a vulnerability inthe DAO contract and repeatedly called the ‘split’ function. Unaware investors withdrew funds from the DAO before the smart contract updated internal balances. Using this vulnerability, the hacker repeatedly called the split function and emptied the organisation of Ethero worth approximately US$50 million.
5. Cream Finance. DeFi platform that allows users to borrow assets. The attack on intelligent contract occurred in 2020, where the attacker repeatedly borrowed and repaid the same loan. At the same time, as in the other cases, he manipulated the prices of the underlying assets. The procedure allowed him to steal funds worth more than US$30 million.

Summary

The Re-entry Attack is a serious threat tosmart contracts on blockchains. Understanding how this type of attack works, and taking the appropriate precautions and programming practices, is key to protecting smart contracts from potential attacks. Protecting against re-entry attacks is a critical part of building a secure and trustworthy blockchain ecosystem.

Complete today’s lesson!

1. What is the 51% attack on blockchain?
2. What is Byzantine fault tolerance in blockchain technology?
3. Blockchain technology and cyber attacks.
4. Do confidential transactions on blockchain exist?