Reentrancy Exploits
A reentrancy exploit abuses a smart contract vulnerability in which an attacker calls a function again before its initial execution has completed. This allows the attacker to drain funds by repeatedly withdrawing assets before the contract updates the user's balance.
It typically occurs when a contract makes an external call to an untrusted contract before it has updated its own state, so the re-entered function still sees the old balance. This exploit has been responsible for some of the largest losses in DeFi history.
Preventing it requires strict adherence to secure coding patterns, such as the checks-effects-interactions pattern: validate the request, update the contract's own state, and only then make the external call. Reentrancy also highlights the importance of rigorous security audits in the development of programmable money.
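The difference the checks-effects-interactions ordering makes can be seen in a small model. The following is an added example, not code from any real contract: it simulates a vault in Python, and the names Vault, withdraw_vulnerable, withdraw_cei and simulate, as well as the deposit amounts, are assumptions made for illustration.

```python
# Added illustration: a toy vault modelled in Python (constructed, not real contract code).
class Vault:
    def __init__(self, deposits):
        self.balances = dict(deposits)        # per-user accounting
        self.funds = sum(deposits.values())   # assets the vault actually holds

    def _send(self, amount, on_receive):
        """External call: assets leave, then control passes to untrusted code."""
        self.funds -= amount
        on_receive(amount)

    def withdraw_vulnerable(self, user, on_receive):
        amount = self.balances.get(user, 0)
        if amount == 0 or amount > self.funds:   # checks
            return
        self._send(amount, on_receive)           # interaction before the effect
        self.balances[user] = 0                  # effect: too late, callee already re-entered

    def withdraw_cei(self, user, on_receive):
        amount = self.balances.get(user, 0)
        if amount == 0 or amount > self.funds:   # checks
            return
        self.balances[user] = 0                  # effect first
        self._send(amount, on_receive)           # interaction last


def simulate(method_name):
    """Run one withdrawal whose receive callback re-enters the same function.
    Returns (total paid to the caller, funds left in the vault)."""
    vault = Vault({"alice": 10, "bob": 10, "caller": 10})  # constructed deposits
    withdraw = getattr(vault, method_name)
    paid = []

    def on_receive(amount):
        paid.append(amount)
        withdraw("caller", on_receive)   # re-entry while the first call is still running

    withdraw("caller", on_receive)
    return sum(paid), vault.funds


if __name__ == "__main__":
    print("vulnerable:", simulate("withdraw_vulnerable"))
    print("checks-effects-interactions:", simulate("withdraw_cei"))
```

In the vulnerable ordering the caller's recorded balance is still 10 on every re-entry, so the vault pays out until it is empty; with the effect moved before the external call, the second entry fails the balance check and the other depositors' funds remain.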