Prevent reentrancy attack with example from an unsecured Bank contract

Date: Feb 16, 2023
Tags: solidity, smart-contract, blockchain-security

Summary: Learn how to safeguard your smart contracts against reentrancy attacks by exploring an example derived from an unsecured Bank contract. Discover essential mitigation strategies and best practices to protect your decentralized applications from this kind of vulnerability.

The previous article discussed the reentrancy vulnerability in the UnsecuredBank smart contract. This article identifies all the existing issues in that smart contract and addresses each of them to improve its overall security.

Existing issues and solutions

| Problem | Reference | Solution |
|---|---|---|
| Reentrancy vulnerability | withdraw(uint256 amount) function of the Bank smart contract | • Implement ReentrancyGuard.sol from OpenZeppelin • Within the withdraw function of the Bank smart contract, update the contract's storage variable before making the external call to the TokenAsset contract that transfers the tokens |
| Potential arithmetic overflow vulnerability | The functions of the Bank smart contract calculate balances with plain arithmetic operations, without any overflow-safe validation | Implement SafeMath.sol from OpenZeppelin for uint256 |

Improved Bank smart contract
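
The two reentrancy fixes from the table (OpenZeppelin's ReentrancyGuard and updating the stored balance before calling TokenAsset), shown in an added example that is not the author's contract. The `ITokenAsset` interface, the `balances` mapping and the `deposit` function are assumptions, and the code targets Solidity 0.8+ with OpenZeppelin Contracts 4.x.

```solidity
// SPDX-License-Identifier: MIT
// Assumption: Solidity 0.8+, where + and - revert on overflow/underflow by
// default. With an older compiler, use SafeMath as the table describes.
pragma solidity ^0.8.0;

// Import path as in OpenZeppelin Contracts 4.x (5.x moved the file to utils/).
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

// Hypothetical minimal interface for the TokenAsset contract; the real
// interface is not shown on this page.
interface ITokenAsset {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract Bank is ReentrancyGuard {
    ITokenAsset public immutable token;
    mapping(address => uint256) private balances; // hypothetical storage name

    constructor(ITokenAsset token_) {
        token = token_;
    }

    // Hypothetical deposit function, included so that withdraw has a balance to act on.
    function deposit(uint256 amount) external nonReentrant {
        require(amount > 0, "Bank: zero amount");
        balances[msg.sender] += amount;
        // A failed pull reverts the whole call, including the credit above.
        require(token.transferFrom(msg.sender, address(this), amount), "Bank: transferFrom failed");
    }

    // nonReentrant rejects any nested call into a guarded function of this contract.
    function withdraw(uint256 amount) external nonReentrant {
        // Checks
        require(amount > 0, "Bank: zero amount");
        require(balances[msg.sender] >= amount, "Bank: insufficient balance");
        // Effects: debit storage BEFORE the external call, so a callback
        // from the token contract sees the already-reduced balance.
        balances[msg.sender] -= amount;
        // Interactions: the external call comes last.
        require(token.transfer(msg.sender, amount), "Bank: transfer failed");
    }

    function balanceOf(address account) external view returns (uint256) {
        return balances[account];
    }
}
```

Either fix alone stops the nested withdrawal. Using both means the balance update order still protects the contract if a later function is added without the `nonReentrant` modifier.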


© tonybka 2023 - 2025