Solidity Security Vulnerabilities

Here is a list of smart contract security vulnerabilities I made while going through this blog post by Sigma Prime: https://blog.sigmaprime.io/solidity-security.html. Some vulnerabilities have been fixed since the blog was published, and I have highlighted the same wherever necessary. This is going to be a series of posts, listed below:

https://aaruni.io/2022/08/solidity-security-vulnerabilities-re-entrancy
https://aaruni.io/2022/08/solidity-security-vulnerabilities-arithmetic-over-under-flows
https://aaruni.io/2022/08/solidity-security-vulnerabilities-unexpected-ether
https://aaruni.io/2022/08/solidity-security-vulnerabilities-tx-origin-authentication
…

Solidity Security Vulnerabilities: Re-Entrancy

Re-entrancy, as the name suggests, is when a contract A calls a function in an untrusted contract B, which then maliciously calls A again. In the example I provide below, the contract named “Vulnerable” is a faucet that provides 10 wei per week to any caller. Our “Attacker” contract exploits the fact that: The Vulnerable …