Re-entrancy attacks may seem old news. They have become widely known ever since the 2016 DAO hack on the Ethereum Blockchain. Nevertheless, although most projects have introduced defenses since, new re-entrancy vulnerabilities continue to plague the DeFi industry. Their destructiveness is evidenced by the eye-watering sums drained and reputations ruined.
In this edition of DeFi 101, we explain how re-entrancy attacks work, give examples of recent cases, and discuss why such smart contract vulnerabilities remain relevant to this day. Remember that this is about so much more than substantial financial losses — the persistence of such exploits propagates the myth of DeFi as the “Wild West”, stifling mass adoption efforts.
Breaking and Re-entering
At a high level, a re-entrancy attack is essentially an interaction between two smart contracts, where the attacking smart contract attempts to drain another smart contract of its funds. It does so by repeatedly calling the withdraw function before the vulnerable smart contract has had a chance to update its balance.
A more detailed explanation requires some context, especially what exactly “re-entrancy” is. In computer science, a procedure is said to be “re-entrant” if it can be interrupted midway through execution and then called again (re-entered) before the initial invocation is complete. In essence, this means that multiple occurrences of the same procedure can safely run at the same time without throwing an error. In development, this ability to re-enter a function while it is already being executed is very useful.
Nevertheless, this re-entrancy can also be a source of vulnerability. Smart contracts on Ethereum are particularly at risk because the Ethereum blockchain does not differentiate between user and smart contract accounts: any address a contract sends ether to may itself be a contract. If it is, sending the ether triggers the receiving contract's code and gives it a chance to run in the middle of the sender's transaction. This makes it possible for the attacking smart contract to make a recursive callback to the original function.
To actually drain the funds, malicious actors then exploit the order in which a vulnerable smart contract handles a withdrawal. Frequently, the withdraw logic is written as: send funds, then update balance. A re-entrancy attack works by repeatedly re-entering the process to initiate multiple iterations of the withdraw function before that "update balance" step has had a chance to run. Essentially, in the time window between when the funds are sent and the balance is updated, the attacking smart contract can initiate another cycle, and another, until all funds are drained.
The full destructiveness of such an attack is reflected in the huge lost valuations and shattered investor confidence. Projects recently compromised by a re-entrancy attack include:
- Fei Protocol (April 2022) — $80 million
- Paraluni (March 2022) — $1.7 million
- Grim Finance (December 2021) — $30 million
- Siren protocol (September 2021) — $3.5 million
- The SURGEBNB (August 2021) — $4 million
- CREAM FINANCE (August 2021) — $18.8 million
- The BurgerSwap (May 2021) — $7.2 million
- Uniswap/Lendf.Me (April 2020) — $25 million
Patch up and go
To avoid a similar fate, smart contract developers must first be aware of the existence of this type of attack. This involves staying vigilant in development, frequently reviewing the structure of code, and scouting for vulnerabilities. Smart contracts that include callback functions, or that send ether or tokens to addresses they do not control, should be treated with particular caution.
When it comes to actually making re-entrancy attacks impossible, the general principle is to make sure there are no internal state updates after calling external contracts. This means that the balance should be updated before the actual transfer.
Because re-entrancy vulnerabilities are well-known within the community, there is considerable expertise within the industry on how to protect smart contract code against this threat. That’s why Lossless recommends regular smart contract security audits from a reputable third party, which are enormously beneficial in avoiding launching with vulnerable code.
Restoring trust in web3 security. Lossless incorporates a new layer of blockchain transaction security, protecting projects and their communities from malicious exploits and the associated financial loss.
Lossless protocol implements an additional layer of blockchain transaction security for ERC-20 standard tokens, mitigating the financial impact of smart contract exploits and private key theft. Lossless protocol utilizes community-driven threat identification tools and a unique stake-based reporting system to identify suspicious transactions, providing real-time protection.