
⚔️ A Historical Collection of Reentrancy Attacks

👮‍♂️ Sanity checks License: AGPL-3.0-only

📌 Definition of a Reentrancy Attack

An unsafe external call that allows malicious manipulation of the calling contract's internal state and/or the state of associated external contracts. The root cause is that the external call hands control to untrusted code before the caller has finished updating its own state; the callee can then call back into the victim (or into a contract that reads the victim's state) while that state is inconsistent.

📚 Types of Reentrancy Attacks

  • Single-Function Reentrancy: the callback re-enters the same function that made the external call (e.g. a `withdraw()` that sends funds before zeroing the balance).
  • Cross-Function Reentrancy: the callback enters a different function of the same contract that shares the not-yet-updated state.
  • Cross-Contract Reentrancy: the callback enters a different contract that relies on the victim's not-yet-updated state (for example a shared token or registry).
  • Cross-Chain Reentrancy: the same pattern spread across chains, where a bridge or message-passing callback re-enters logic while the state it depends on has not yet been updated on the originating side.
  • Read-Only Reentrancy: the callback does not modify the victim at all; it calls a `view` function (or a third-party contract that does) whose result is computed from the victim's inconsistent mid-transaction state, typically a price.
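Read-only reentrancy is the least intuitive of the five, so here is an added example written for this page (not code from any listed incident or from this repository). A pool sends ETH out before burning the caller's shares; its mutex blocks state-changing re-entry, but a `view` price function can still be read mid-withdrawal, and a separate lender that trusts that price is the actual victim. The names `Pool`, `Lender`, `ReadOnlyAttacker`, `sharePrice`, `sharePriceGuarded` and `isLocked` are hypothetical and chosen for the example.

```solidity
// SPDX-License-Identifier: AGPL-3.0-only
pragma solidity ^0.8.20;

// Hypothetical pool: shares are backed 1:1 by ETH, so the fair share price
// is the ETH balance divided by the total number of shares.
contract Pool {
    uint256 public totalShares;
    mapping(address => uint256) public shares;
    uint256 private locked = 1;

    modifier nonReentrant() {
        require(locked == 1, "locked");
        locked = 2;
        _;
        locked = 1;
    }

    function deposit() external payable nonReentrant {
        shares[msg.sender] += msg.value;
        totalShares += msg.value;
    }

    // ETH leaves the pool before the shares are burned. The mutex stops
    // state-changing re-entry, but not reads: during the callback
    // address(this).balance has already dropped while totalShares has not.
    function withdraw(uint256 amount) external nonReentrant {
        require(shares[msg.sender] >= amount, "insufficient");
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
        shares[msg.sender] -= amount;
        totalShares -= amount;
    }

    // Vulnerable read: returns a depressed price while withdraw() is in flight.
    function sharePrice() external view returns (uint256) {
        if (totalShares == 0) return 1e18;
        return address(this).balance * 1e18 / totalShares;
    }

    // Hardened read: refuses to answer while a state-changing call is in flight.
    function sharePriceGuarded() external view returns (uint256) {
        require(locked == 1, "pool locked");
        if (totalShares == 0) return 1e18;
        return address(this).balance * 1e18 / totalShares;
    }

    function isLocked() external view returns (bool) {
        return locked == 2;
    }
}

// Hypothetical lender that values Pool shares as collateral using the pool's
// own price. Read-only reentrancy lands here, not in the pool.
contract Lender {
    Pool public immutable pool;

    constructor(Pool _pool) {
        pool = _pool;
    }

    // Vulnerable: trusts sharePrice() unconditionally.
    function collateralValue(address user) external view returns (uint256) {
        return pool.shares(user) * pool.sharePrice() / 1e18;
    }

    // Hardened: refuses to act on pool state while the pool is mid-call, which
    // also protects the shares(user) read, not just the price.
    function collateralValueSafe(address user) external view returns (uint256) {
        require(!pool.isLocked(), "pool mid-transaction");
        return pool.shares(user) * pool.sharePriceGuarded() / 1e18;
    }
}

// Hypothetical attacker: observes the inconsistent price from inside the
// withdraw() callback. A state-changing re-entry into Pool would revert on the
// mutex; a read does not.
contract ReadOnlyAttacker {
    Pool public immutable pool;
    Lender public immutable lender;
    uint256 public observedPrice;
    uint256 public observedCollateral;

    constructor(Pool _pool, Lender _lender) {
        pool = _pool;
        lender = _lender;
    }

    function attack() external payable {
        pool.deposit{value: msg.value}();
        pool.withdraw(msg.value);
    }

    receive() external payable {
        // Both values are computed from balance-already-reduced /
        // shares-not-yet-burned state, so they are lower than the fair value.
        observedPrice = pool.sharePrice();
        observedCollateral = lender.collateralValue(address(this));
    }
}
```

The defence has to live on the reading side as well as the writing side: either the pool's views revert while its lock is held, or every consumer checks the pool's lock before trusting a value derived from it. A mutex that only guards state-changing functions does nothing for this class.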

📜 Reentrancy Attacks List

A chronological and (hopefully) complete list of reentrancy attacks to date.

Some of the exploits carried out involve multiple separate transactions as well as multiple victim and exploit contracts. For each attack, I have listed the most affected victim contract, the most critical exploit contract, and the most devastating exploit transaction.

💢 Disclaimer

Footnotes

  1. To prevent the article from constantly reloading, deactivate JavaScript in your browser.

  2. We list the attacker's address here for the sake of completeness, but technically the attack was executed with a Near-specific transaction type called "Batch Transaction" and not with a specific exploit contract.

  3. We list the victim contract, the exploit contract, and the exploit transaction on Arbitrum. However, the same exploit was carried out on Optimism with almost the same amount of loss: Victim contract, Exploit contract, Exploit transaction.

  4. The same exploit hit another victim with almost the same amount of loss: Victim contract.

  5. The same exploit hit two other victims with almost the same amount of loss: Victim contract 2, Victim contract 3.

  6. We list the victim contract, the exploit contract, and the exploit transaction on Optimism. However, the same exploit was carried out on Ethereum, albeit with a smaller loss amount: Victim contract, Exploit contract, Exploit transaction.

  7. We list the victim contract, the exploit contract, and the exploit transaction on Polygon. However, the same exploit was carried out on Ethereum, albeit with a smaller loss amount: Victim contract, Exploit contract, Exploit transaction.

  8. The technical post-mortem on the reentrancy lock vulnerability from Vyper can be found here.

  9. The details of the GitHub Security Advisory (GHSA) used to exploit the Terra blockchain can be found here.

  10. We list the victim contract, the exploit contract, and the exploit transaction on Ethereum. However, the same exploit was carried out on Arbitrum, albeit with a smaller loss amount: Victim contract, Exploit contract, Exploit transaction.