Index
Tip
Seeking more detailed information on smart contract attacks? The Smart Contract Security Field Guide offers an extensive range of attack strategies with in-depth explanations on vulnerabilities, including new code samples for a hands-on learning experience. Enhance your understanding and stay ahead of potential threats by visiting this continuously updated resource.
The following is a list of known attacks which you should be aware of, and defend against when writing smart contracts.
| Category | Description |
|---|---|
| Reentrancy | Intra- and inter-function reentrancy attacks and potentially faulty solutions to them. |
| Oracle Manipulation | Manipulation of external data providers and potential solutions to oracle security issues. |
| Frontrunning | A definition and taxonomy around frontrunning and related attacks. |
| Timestamp Dependence | Attacks relating to the timing of a transaction. |
| Insecure Arithmetic | Integer overflows and underflows. |
| Denial of Service | Denial of service attacks through unexpected reverts and the block gas limit. |
| Griefing | Attacks relating to bad faith players around a smart contract system. |
| Force Feeding | Forcing Ether to be sent to smart contracts to manipulate balance checks. |
| Deprecated/Historical | Attacks that are part of Ethereum's history and vulnerabilities that have been fixes on a (Solidity) compiler level. |
| More | Where to find more information about vulnerabilities and weaknesses. |