Intro to Smart contract exploits: Selfdestruct function

  1. Transfer: Throws exception when an error occurs, and the code will not execute afterward
  2. Send: The transfer error does not throw an exception and returns true/false. The code will continue to execute.
  3. call.value().gas: Transfer error does not throw an exception and returns true/false. The code will execute, but call functions for transfer are prone to reentrancy attacks.

Let’s look at an example of an Attack contract

--

--

--

SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

6 Best Practices for Your Smartphone Security

vector image depicting smartphone and data security

How to Deal with Blackmails — Security through Obscurity

Announcing PhishFinder!

Polka.Domain DNS market research

{UPDATE} Tank Battle HD Hack Free Resources Generator

CYFIRMA’s Cyber Threat and Risk Prediction for 2019

The Software as a Service Pattern (SaaS), explained for a real business problem

The main advantages of the CRODO project

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
SlowMist

SlowMist

SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.

More from Medium

Damn Vulnerable DeFi Challenge #1 — Unstoppable

MistTrack AML, the swiss army knife of Anti- Money Laundering tools

Foundry + Conflux for Smart Contract Development

Damn Vulnerable Defi Walkthrough Part Two: Challenge 7–12.