Reentrancy Bugs: Why They Still Break Smart Contracts

2025/10/24 20:06

Reentrancy is one of the oldest and most documented attack vectors in smart contract security. And yet — in 2025 — it’s still popping up in real-world audits, bug bounties, and mainnet exploits.

This post isn’t a tutorial. It’s a pattern review. A breakdown of where developers still get it wrong, and how subtle variations of reentrancy continue to break production protocols.

1. The Classic Pattern Still Appears

You’ve seen this one in every blog post since The DAO hack (2016), but developers still write it:

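function withdraw() public {
    uint amount = balances[msg.sender];
    // External call first: control passes to msg.sender's code
    (bool sent, ) = msg.sender.call{value: amount}("");
    require(sent, "Transfer failed");
    // State update last: the balance is still non-zero during the call
    balances[msg.sender] = 0;
}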

🧠 What’s wrong?
State is updated after the external call. If the receiving contract is malicious, it can recursively call withdraw() before balances[msg.sender] is reset.

2. The Safe Pattern (Still Ignored)

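function withdraw() public {
    uint amount = balances[msg.sender];
    // Effect first: zero the balance before any external call
    balances[msg.sender] = 0;
    // Interaction last: a re-entrant call now reads a zero balance
    (bool sent, ) = msg.sender.call{value: amount}("");
    require(sent, "Transfer failed");
}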
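The difference between the two orderings, as an added Python model that is not from the original post and is not EVM code. The Vault and Receiver classes, the deposit amounts and the re-entry cap are constructed for illustration.

```python
# Added example: models the two withdraw() orderings from sections 1 and 2.
# Vault, Receiver and all amounts are hypothetical, constructed for this model.

class Vault:
    def __init__(self, effects_first):
        self.effects_first = effects_first  # True = section 2 ordering
        self.balances = {}                  # per-account credit
        self.funds = 0                      # value actually held by the vault

    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.funds += amount

    def withdraw(self, caller):
        amount = self.balances.get(caller, 0)
        if self.effects_first:
            self.balances[caller] = 0       # effect before interaction
        self._send(caller, amount)          # external call: control leaves the vault
        if not self.effects_first:
            self.balances[caller] = 0       # too late: the callee already ran

    def _send(self, caller, amount):
        # Mirrors require(sent, ...). Revert rollback is not modelled;
        # the sample amounts below never reach this branch.
        if amount > self.funds:
            raise RuntimeError("Transfer failed")
        self.funds -= amount
        caller.receive(self, amount)        # runs the receiver's code


class Receiver:
    """Models a contract whose receive hook calls withdraw() again."""
    def __init__(self, max_reentries):
        self.received = 0
        self.reentries_left = max_reentries

    def receive(self, vault, amount):
        self.received += amount
        if self.reentries_left > 0:
            self.reentries_left -= 1
            vault.withdraw(self)


def run(effects_first):
    """Return (amount the re-entering receiver got, funds left in the vault)."""
    vault = Vault(effects_first)
    honest, receiver = Receiver(0), Receiver(2)
    vault.deposit(honest, 20)               # constructed sample deposits
    vault.deposit(receiver, 10)
    vault.withdraw(receiver)
    return receiver.received, vault.funds
```

With the section 1 ordering the receiver, credited 10, is paid three times and the other depositor's 20 is gone; with the section 2 ordering the nested calls read a zero balance and pay nothing.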
