reentrancy-attacks
A chronological and (hopefully) complete list of reentrancy attacks to date. (by pcaversaccio)
the-dao-hack-simulation
A simulation of the infamous DAO hack from 2016 (by ssteiger)
Our great sponsors
| reentrancy-attacks | the-dao-hack-simulation | |
|---|---|---|
| 1 | 2 | |
| 1,211 | 5 | |
| - | - | |
| 7.5 | 0.0 | |
| 14 days ago | over 1 year ago | |
| JavaScript | ||
| GNU Affero General Public License v3.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
reentrancy-attacks
Posts with mentions or reviews of reentrancy-attacks.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-12-02.
-
A look into formal verification of smart contracts using Certora
The main challenge is dealing with non-view functions. The default behavior of the prover is to assume that an external call can alter all state on every contract but the caller, noted as HAVOC_ECF. This can lead to state changes in external contracts that are unreachable, making verification more difficult. Furthermore, it assumes that the call is non-reentrant, which in reality is a frequent source of attacks. This last issue can be avoided by indicating that calls can re-enter, noted as HAVOC_ALL, but this means that an external call can mutate any state in any contract, caller included. This leaves the contract being verified in a state where we don't know anything about it after an external call is made. This severely limits what we can prove.
the-dao-hack-simulation
Posts with mentions or reviews of the-dao-hack-simulation.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-06-18.
What are some alternatives?
When comparing reentrancy-attacks and the-dao-hack-simulation you can also consider the following projects:
LiquidityPoolExample - Example Certora verification for a simple multi-contract system
smart-contract-best-practices - A guide to smart contract security best practices
ethereumbook - Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood
openzeppelin-solidity - OpenZeppelin Contracts is a library for secure smart contract development. [Moved to: https://github.com/OpenZeppelin/openzeppelin-contracts]