Delegatecall Injection
Delegatecall injection is a sophisticated exploit involving the EVM opcode delegatecall, which allows a contract to execute code from another contract while keeping the calling contract's storage and context. If the target address for the delegatecall is improperly validated or user-controlled, an attacker can point it to a malicious contract.
This malicious contract then executes within the storage context of the caller, potentially allowing the attacker to overwrite critical variables like owner addresses or balance mappings. This is a common method for achieving privilege escalation in upgradeable proxy contracts.
The attack effectively tricks the contract into running arbitrary logic under its own authority.