Context Preservation Attacks

Context preservation attacks occur when an attacker leverages the way delegatecall preserves the caller's context to execute malicious operations. Because the target contract operates on the caller's storage and balance, an attacker might trick a contract into performing a delegatecall to a malicious function.

If the calling contract has elevated privileges, the malicious code inherits those privileges, allowing the attacker to perform unauthorized actions. This is a major concern in protocols that use proxy patterns or library-based architectures.

Developers must ensure that all delegatecall targets are strictly validated and that the calling contract does not inadvertently grant excessive permissions. Understanding how the EVM context behaves during delegatecall is essential for preventing these types of attacks.

It requires careful design of contract interfaces and security boundaries.