1 file changed +6 -5 lines changed
22
33A malicious contract can permanently stall another contract by failing
44in a strategic way. In particular, contracts that bulk perform transactions or updates using
5- a ` for ` loop can be DoS'd if a call to another contract or ` send ` fails during the loop.
5+ a ` for ` loop can be DoS'd if a call to another contract or ` transfer ` fails during the loop.
66
77## Attack Scenarios
88
99- Auction contract where frontrunner must be reimbursed when they are outbid. If the call refunding
10- the frontrunner continuously fails, the auction is stalled and they become the de- facto winner.
10+ the frontrunner continuously fails, the auction is stalled and they become the de facto winner.
1111
12- - Contract iterates through an array to pay back its users. If one send fails in the middle of a ` for ` loop
12+ - Contract iterates through an array to pay back its users. If one ` transfer ` fails in the middle of a ` for ` loop
1313all reimbursements fail.
1414
15- - Attacker forces calling contract to spend remainder of its gas and revert.
15+ - Attacker spams contract, causing some array to become large. Then ` for ` loops iterating through the array
16+ might run out of gas and revert.
1617
1718## Examples
1819
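Review bot: At new lines 5 and 12, swapping `send` for `transfer` narrows the description more than it needs to, because a loop that checks the result of `send` and reverts on `false` stalls in exactly the same way as one using `transfer`. Consider wording it as "`send` (when its result is required) or `transfer`" so both patterns are covered. Separately, new lines 15-16 replace the old third bullet instead of adding to it, and the new scenario (an array grown by spam until the `for` loop runs out of gas) is a gas-exhaustion case, not a failing call, while the intro paragraph at lines 3-5 only describes "failing in a strategic way". Either keep the old bullet alongside the new one or extend the intro so it covers loops that exhaust gas.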
@@ -30,4 +31,4 @@ using `while` loop that exists when gas drops below certain threshold.
3031## References
3132
3233- https://www.reddit.com/r/ethereum/comments/4ghzhv/governmentals_1100_eth_jackpot_payout_is_stuck/
33- - https://github.com/ConsenSys/smart-contract-best-practices#dos-with-unexpected-revert
34+ - https://github.com/ConsenSys/smart-contract-best-practices#dos-with-unexpected-revert
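Review bot: The removed line 33 and the added line 34 show the same URL with no visible difference, so this looks like a whitespace or end-of-file newline change; please confirm it is intentional or drop it from the patch to keep the diff minimal. While this section is open, the hunk header context reads "`while` loop that exists when gas drops below certain threshold", where "exists" is presumably meant to be "exits"; that line is not touched here and could be fixed in the same commit.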