Reentrancy Attack On Smart Contracts: How To Identify The Exploitable And An Example Of An Attack…
Gustavo (Gus) Guimaraes
5708

Hi Gustavo,

While trying to understand how Smart Contracts work and reading on potential security implications, I fell upon your link and saw this proof of concept.

One question (or a few more) bug (bugs) me though..

  1. With the current code, when the honeypot.balance gets depleted, then the fallback function won’t enter inside the “if honeypot.balance >= “ branch anymore, what is the result of not having any operation / doing nothing when it hits the fallback function? (does this return a true value to the original get() call => all the recursive “payments” up to that moment are confirmed/worked?)
  2. What would happen if during the recursive calling there would be no such check as the one mentioned before and as such the “get()” would end up with the “throw” after a few loops. Would all the recursive calls that worked until it hit the throw be rolled back or just the last one?

I got a bit confused :)

Sorry for the newbie questions.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.