Replay Attacks on Ethereum Smart Contracts at Defcon 26

Below is a link to their github repo with their research shared in their talk this morning:

The workflow for the replay attack works by exploiting similar contract code where inter-contract signatures are not verified and thus allow a proxy contract to exploit this vulnerability and transfer value.

You can see the smart contracts they used to demonstrate their exploit on our platform.

Dig into the transaction details to understand what is going on. looking at the function calls and see if you can follow the exploit!

This exploit has been found in 52 Smart Contracts targeting ERC20 contracts with: require( totalsupply>0) and uses ECCRECOVER function.

Most have no real token holders so not that alarming at first glance

Of the 52 smart contracts identified we have ranked the active contracts by the number of token holders here below:

Related posts:

Backend applications are the core of any modern web application. They handle the business logic, data processing, and communication with other services. However, deploying and securing them can be…

Martian Wallet is a new and innovative wallet that allows users to mint NFTs on the Aptos. The wallet is available as a Google Chrome extension and is one of the products being built for the Aptos…

Decemberben a Sisu Hálózatot elfogadták és támogatást kapott a Lisk Alapítványtól, egy hatékony szoftverfejlesztési készlettel (SDK) rendelkező blockchain alkalmazás platform, hogy építsenek egy…