checks-effects-interactions pattern
Objective: Prevent reentrancy attacks
Negative Example
iToken.transferFrom could be maliciously coded to call withdrawToken again, and the contract would transfer iToken out in a loop without modifying the user balance.
The attacker would only have to take care to stop the loop before running out of gas, and the loop would drain your contract of iToken.
Positive Example
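An added Solidity example, not the page's own listing, showing withdrawToken with the interaction before the effect and then in checks-effects-interactions order. IToken, VaultBase, VulnerableVault, SafeVault, depositToken and balances are assumed names, and the token contract behind iToken is treated as untrusted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example. IToken, VaultBase, depositToken and balances are assumed names;
// only iToken.transferFrom and withdrawToken come from the text above.
interface IToken {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

abstract contract VaultBase {
    IToken public immutable iToken; // external token contract, treated as untrusted
    mapping(address => uint256) public balances;

    constructor(IToken token) {
        iToken = token;
    }

    function depositToken(uint256 amount) external {
        balances[msg.sender] += amount; // effect first; a failed pull reverts it
        require(iToken.transferFrom(msg.sender, address(this), amount), "deposit failed");
    }
}

// Negative example: the interaction runs before the effect.
contract VulnerableVault is VaultBase {
    constructor(IToken token) VaultBase(token) {}

    function withdrawToken() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw"); // check
        // Interaction: control passes to the token while the balance is still
        // recorded, so a re-entrant withdrawToken call for the same account
        // passes the check again.
        require(iToken.transferFrom(address(this), msg.sender, amount), "transfer failed");
        balances[msg.sender] = 0; // effect, applied too late
    }
}

// Positive example: checks, then effects, then interactions.
contract SafeVault is VaultBase {
    constructor(IToken token) VaultBase(token) {}

    function withdrawToken() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw"); // check
        balances[msg.sender] = 0; // effect: a nested call now fails the check
        // Interaction last; if it fails, the revert restores the balance.
        require(iToken.transferFrom(address(this), msg.sender, amount), "transfer failed");
    }
}
```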
Further Readings