A state variable is changed after a contract uses
call.value. The attacker uses
a fallback function—which is automatically executed after
Ether is transferred from the targeted contract—to execute the vulnerable function again, before the
state variable is changed.
- A contract that holds a map of account balances allows users to call a
sendwhich transfers control to the calling contract, but doesn't decrease their balance until after
sendhas finished executing. The attacker can then repeatedly withdraw money that they do not have.
- Avoid use of
- Update all bookkeeping state variables before transferring execution to an external contract.
- The DAO hack