The 4 External Call Attacks | Web3 Exploits 101
ฝัง
- เผยแพร่เมื่อ 18 พ.ย. 2023
- Are you a security researcher looking to join a world-class team? Apply to open positions at Guardian here: guardianaudits.notion.site/Gu...
Ultimate Guide To Reentrancy is here: • The Ultimate Guide To ...
Do you want to become an expert security researcher in a matter of months?
Get the guide to becoming a senior auditor in 6 months here: www.intogateway.com/guide
Looking for a Smart Contract Audit? Apply to work with the Guardian team on our website: guardianaudits.com
Join our community aimed at building and sharing a wealth of blockchain and solidity knowledge to help developers/auditors of all levels transform the web3 ecosystem.
lab.guardianaudits.com/
1. Reentrancy
* Classic
* Cross Contract
* Cross Function
* Read only
2. DOS
* Untrusted Revert
* Blacklist
* Try to send Ether
* Calling a function that doesn't exist
* Return data not as expected
3. Gas Griefing
* Forwarding all gas(63/64)
* 1/64 --> Not enough --> DOS
* Expend a ton of gas
4. Return Values
* Unexpected return format
* Gas Griefing
* Unexpected Values.
Owen this is so damn helpful! Thank you!
True Guardian for smart contract. thanks again
Great, thank you, thank you
thx!
what a clear explanation! You are the best
Appreciate you ser!
Another Amazing ❤❤masterpiece is here 🎉🎉
Thanks for the video Owen, I learned a ton!
However, I still don't get how the global reentracy guard protects from readonly reentrancy.
Since this guard "monitors" only system A, if you reenter into system B to update it's storage and system A uses a storage variable from system B after the external call you would still be able to exploit the contract of system A.
Am I missing something here ?
That is correct! It only protects against reentrancy cross contracts in a single system!