๐Ÿ—
๐Ÿ—
๐Ÿ—
๐Ÿ—
Scaffold-eth | Docs
Searchโ€ฆ
๐Ÿ—
Welcome to Scaffold-eth
Getting Started
๐Ÿ“ฅ
Installation
๐Ÿš€
Quick Start
๐Ÿ‘ฉโ€๐Ÿ”ฌ Deploying Your Contracts
๐Ÿšข
Shipping Your App
Toolkit
๐Ÿ“š
The Scaffold-eth Stack
๐Ÿงฐ
Libraries, Components & Services
๐Ÿ‘ฉโ€๐Ÿซ Troubleshooting
๐Ÿšง
Infrastructure
Speed run challenge course
๐Ÿง™โ€โ™‚๏ธ About the Speed Run
๐Ÿ–ผ Simple NFT
๐Ÿฅฉ
Decentralized Staking App
๐Ÿต
Token Vendor
โœ๏ธ Multi-Sig
๐Ÿ”ฎ
Implementing an Oracle
๐Ÿ“‰
Minimum Viable DEX
๐ŸŽจ
NFT Marketplace
๐Ÿ˜ฑ
Create a Stream
๐Ÿ—„
Indexer & Node
Example Branches
๐Ÿ‘€
Overview
๐Ÿ’ฅ
Common Web3 Patterns
๐Ÿ’ต
DeFi
๐ŸŽซ
NFTs
๐Ÿš“
Security
๐Ÿฏ
Honeypot
โ˜ ๏ธ Re-entrancy Attack
๐Ÿ˜ˆ
Denial of Service
๐Ÿšง
Infrastructure
โš–๏ธ Layer 2 and Scaling
Community
Projects built with Scaffold-eth
Contribute to Scaffold-eth
BuidlGuidl.com
Support
Getting help
Changelog
Support Scaffold-eth & BuidlGuidl
Powered By GitBook
โ˜ ๏ธ Re-entrancy Attack

Branch Info

Source code: https://github.com/scaffold-eth/scaffold-eth-examples/tree/simple-nft-example Intended audience: Beginners/Intermediate Topics: Scaffold-eth basics, Security

Re-entrancy Example

Tutorial Explanation

The re-enterancy contract is vulnerable through its poorly written withdraw() function. Withdraw_safe() is not. To test the attack do this:
Player 1 (usually an incognito tab): In the re-enterancy contract, Deposit 0.001 ETH (converted into GWEI by clicking *) Verify the amount in the contract is $0.001 (or whatever the price of ETH is)
Player 2 (attacker): In the attacker contract, deposit 0.001 ETH as well. Verify the contract now has $0.002 From the attacker contract, withdraw Notice the balance of the attacker contract now has 2x the funds it should, and re-enterancy has 0. Also, the Player 1's balance in the contract seems to still be 0.001.
The takeaway? Follow the checks-effects-interaction pattern in all your functions :)

Quickstart

1
git clone https://github.com/scaffold-eth/scaffold-eth-examples.git reentrancy
2
cd reentrancy
3
git checkout reentrancy-example
Copied!
1
yarn install
Copied!
1
yarn start
Copied!
in a second terminal window:
1
yarn chain
Copied!
in a third terminal window:
1
yarn deploy
Copied!
๐Ÿ” Edit your smart contract Attacker.sol and Reenterancy.sol in packages/hardhat/contracts
๐Ÿ“ Edit your frontend App.jsx in packages/react-app/src
๐Ÿ“ฑ Open http://localhost:3000 to see the app
First try interacting with Reenterancy.sol directly. You can deposit, check your balance, and withdraw:
For the attack to work, you need to deposit some extra funds so they can be stolen:
Make sure the Reenterancy.sol contract has extra funds in it:
Then, deposit a the same amount through the Attacker.sol:
Finally, when you withdraw from the Attacker.sol it will withdraw once and then re-enter and withdraw again:
The Reenterancy.sol contract is now empty but the original account that deposited the extra funds thinks they still have a balance:
Previous
Honeypot
Next
Denial of Service
Last modified 5mo ago
Copy link
Contents
Branch Info
Re-entrancy Example
Tutorial Explanation
Quickstart