Preventing Reentrancy Attacks in Smart Contracts
On January 15th, a group of key stakeholders chose to halt the Ethereum “Constantinople” upgrade. It was only a day before Constantinople was supposed to take effect, but Chain Security had released a blog post that pointed out that the new reduced gas costs would bypass some previously “reliable” defenses against reentrancy attacks. The Ethereum community worked quickly and transparently to postpone the upgrade so that more investigation could be done.
We wanted to take this opportunity to bring attention to the class of problems that reentrancy attacks are part of, and how certain designs can eliminate the entire class of problems altogether.