Authentication Bypass

Authentication bypass occurs when an attacker circumvents the verification process required to confirm their identity or authority to perform an action. In smart contracts, this often involves exploiting flaws in how identity is checked, such as relying on easily spoofed parameters or incorrect signature verification.

If the system incorrectly identifies the caller as an authorized user, the attacker gains access to protected functionality. This vulnerability essentially invalidates the security perimeter of the contract.

It is a direct failure of the mechanism intended to prove who the user is.