Coins: 17,630Market Cap: $2.27T 0.8%24h Vol: $65.72BBTC Dominance: 56.4%ETH: 9.7%Fear & Greed: 27 Fear
Glossary Term

Reentrancy Attack

A classic smart-contract exploit where a malicious contract repeatedly re-enters a function before it finishes updating.

A reentrancy attack exploits contracts that send funds before updating their internal balances. The attacker’s contract, on receiving funds, immediately calls back into the vulnerable function before it has recorded the withdrawal — repeating the loop to drain far more than it should. The 2016 DAO hack, which drained ~$60M and led to Ethereum’s contentious fork, was the seminal example.

It remains one of the most important vulnerability classes, which is why the “checks-effects-interactions” pattern (update state before sending funds) is drilled into every Solidity developer, and why audits hunt for it specifically. For users, reentrancy is a reminder that DeFi’s risks are often in subtle code logic, invisible from the interface.

More Terms

Full glossary →