Smart Contract Attacks Library
Explore smart contract vulnerabilities, attack vectors, and security exploits used by hackers and auditors.
Attack Classes
Access Control Attacks
Access control vulnerabilities are the single most devastating category of smart contract exploits in blockchain history. Ranked #1 on the OWASP Sm...
Arithmetic Overflows and Underflows
Integer overflow and underflow attacks have drained over $1 billion from Decentralized Finance (DeFi) protocols and web3 projects. In April 2018, a...
Delegatecall & Call Injection Attacks
The Parity Wallet hack didn't just freeze $150 million - it proved that a single vulnerability can permanently destroy an entire protocol. In Novem...
Flash Loan Attacks
Imagine being able to borrow $100 million from a bank, manipulate a stock price, pocket the profits, and return the original money - all before the...
Oracle Manipulation & Price Manipulation
Imagine $34 million vanishing into thin air in just 7 minutes. That's exactly what happened to Harvest Finance on October 26, 2020, exposing one of...
Reentrancy
Reentrancy is the classic smart contract vulnerability for a reason: it teaches one of the most important audit lessons in Web3 security. External ...
DAO Governance Attacks
DAO governance attacks are among the most sophisticated exploits in DeFi - and they're only getting more dangerous. From the infamous $182 million ...
Frontrunning & Sandwich Attacks
Frontrunning attacks exploit the transparent nature of blockchain mempools to steal value from unsuspecting users. Imagine playing a game of poker ...
Phishing Attacks
Let's cut right to the chase: Web3 phishing attacks are the #1 threat in the crypto ecosystem today. While complex smart contract bugs get all the ...
DoS Attacks
Denial of Service (DoS) attacks are the silent assassins of the Web3 world. Forget the flashy, split-second million-dollar heists - DoS vulnerabili...
Replay Attacks
Imagine handing someone a signed blank check, expecting them to cash it exactly once. Now imagine they photocopy that exact same check and cash it ...
Self Destruct Attacks
Flashback to November 2017: A curious GitHub user accidentally triggered a few lines of code and essentially froze 513,774 ETH forever - a stash wo...
Sensitive On-Chain Data
Every single byte you store on a public blockchain is just that - public. The Solidity keyword probably fools more Web3 developers than any clever ...
Weak Randomness Attacks
Randomness is the beating heart of Web3 lotteries, NFT minting, gaming, and fair token distributions. But here's the dirty secret about blockchains...
Unchecked Return Value Attacks
Unchecked return values are easily one of the most deceptive vulnerabilities in smart contract development. Your code compiles cleanly, deploys wit...