How To Secure Your Smart Contracts

Reentrancy and Owner Theft Attacks

Alex Roan
Published in Coinmonks
5 min read · Mar 19, 2020

Prerequisites: A basic understanding of the Ethereum Blockchain and Smart Contracts.

Introduction

Tunnel vision is a pitfall that every developer has experienced. When developing new code for a specific purpose, it’s easy to become so focussed on solving a particular problem that we miss something important.

This is especially true when transitioning from one technology to another. For example, if you come from a background in JavaScript, it’s unlikely you’d have much concern for overflow exploitation, yet in Solidity it needs to be addressed.

We’re going to go through some weaknesses that are inherent in Solidity: Reentrancy Hacks and Owner Logic Theft.

Reentrancy Attacks

What

Smart contracts will often need to call or send ether to an external address. This type of operation is inherently vulnerable to reentrancy.

To perform a reentrancy attack, the attacker deploys a malicious contract to the network. This contract is designed to manipulate the logic of the target contract into sending Ether to it, which invokes the malicious contract’s fallback function. The fallback function then calls back into the target contract during the…

Alex Roan
CoFounder at Cyfrin. Previously: Chainlink Labs.