How to Detect Reentrancy Vulnerabilities in Solidity

Reentrancy is the most exploited vulnerability in Ethereum smart contract history. It occurs when a contract makes an external call before it has finished updating its own state, and the called contract calls back into the original function while that stale state is still in place.

Classic Example: The DAO Hack (2016)

// Vulnerable ordering: the external call runs before the balance is updated,
// and the call's success flag is discarded. If msg.sender is a contract, its
// receive() runs at the call and can invoke withdraw() again while
// balances[msg.sender] still holds the old value, so the require passes again.
function withdraw(uint amount) external {
    require(balances[msg.sender] >= amount);  // check, against stale state on re-entry
    msg.sender.call{value: amount}("");       // interaction before effect
    balances[msg.sender] -= amount;           // effect applied too late
}

How to Prevent Reentrancy

Method 1: Checks-Effects-Interactions

function withdraw(uint amount) external {
    require(balances[msg.sender] >= amount);          // 1. checks
    balances[msg.sender] -= amount;                   // 2. effects: debit before calling out
    (bool ok,) = msg.sender.call{value: amount}("");  // 3. interactions: external call last
    require(ok);                                      // a failed send reverts the debit too
}

Method 2: ReentrancyGuard

// OpenZeppelin 4.x import path; in OpenZeppelin 5.x the file lives at
// "@openzeppelin/contracts/utils/ReentrancyGuard.sol".
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
contract Vault is ReentrancyGuard {
    mapping(address => uint) public balances;
    // nonReentrant holds a lock for the whole call, so a re-entrant withdraw()
    // from the caller's receive() reverts regardless of statement ordering.
    function withdraw(uint amount) external nonReentrant {
        require(balances[msg.sender] >= amount);
        (bool ok,) = msg.sender.call{value: amount}("");
        require(ok);
        balances[msg.sender] -= amount;  // guarded, but checks-effects-interactions is still preferable
    }
}

Free Automated Detection

Cipher Zero automatically detects reentrancy:

  • Scans every external call
  • Validates ReentrancyGuard usage
  • Checks state-update ordering
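The three checks in that list, written out as a small regex-based scanner so the logic is visible. This is an added example for this page, not Cipher Zero's code; the names `scan`, `Finding` and the pattern constants are the example's own, and the four sample contracts are constructed (the first three mirror the withdraw() variants shown above, the fourth is a token reward claim with the same ordering mistake).

```python
"""Heuristic reentrancy scanner for Solidity source (added example, not Cipher
Zero's code). It finds external calls, skips functions guarded by nonReentrant,
and flags state writes that follow an external call in source order. It is
regex-based rather than a real parser, so its output is a review lead, not proof."""
import re
from dataclasses import dataclass

# Calls that hand control to another contract. Token .transfer/.send are
# included because token hooks (e.g. ERC777) can call back into the caller.
EXTERNAL_CALL = re.compile(r"\.(call|delegatecall|staticcall|transfer|transferFrom|send)\b")
# A low-level call used as a bare statement: its success flag is discarded.
UNCHECKED_CALL = re.compile(r"^[\w.\[\]]+\.(call|delegatecall|staticcall)\b")
# Assignment whose target is an identifier, optionally indexed or a member path.
STATE_WRITE = re.compile(r"^([A-Za-z_]\w*)(\[[^\]]*\]|\.\w+)*\s*(=|\+=|-=|\*=|/=)(?!=)")
# Statements that declare locals; assignments to these are not state writes.
LOCAL_DECL = re.compile(r"^(\(|uint\d*\b|int\d*\b|bool\b|address\b|bytes\d*\b|string\b)")
FUNC_HEADER = re.compile(r"\bfunction\s+(\w+)\s*\(([^)]*)\)([^{;]*)\{")


@dataclass(frozen=True)
class Finding:
    function: str
    kind: str        # "state-write-after-call" or "unchecked-low-level-call"
    statement: str


def _normalize(src: str) -> str:
    """Drop comments and rewrite call{value: x} option braces as <...> so that
    brace matching and statement splitting only see real blocks."""
    src = re.sub(r"//[^\n]*|/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"\.(call|delegatecall|staticcall)\s*\{([^}]*)\}", r".\1<\2>", src)


def _body(src: str, open_brace: int) -> str:
    """Text between the brace at open_brace and its matching close."""
    depth = 0
    for i in range(open_brace, len(src)):
        depth += {"{": 1, "}": -1}.get(src[i], 0)
        if depth == 0:
            return src[open_brace + 1:i]
    raise ValueError("unbalanced braces")


def _statements(body: str) -> list[str]:
    # Nested blocks are flattened: only source order matters for this check.
    return [s.strip() for s in re.split(r"[;{}]", body) if s.strip()]


def scan(src: str) -> list[Finding]:
    """Return findings for every function in src, in source order."""
    src = _normalize(src)
    findings: list[Finding] = []
    for m in FUNC_HEADER.finditer(src):
        name, modifiers = m.group(1), m.group(3).split()
        stmts = _statements(_body(src, m.end() - 1))   # m.end()-1 is the '{'
        call_idx = [i for i, s in enumerate(stmts) if EXTERNAL_CALL.search(s)]
        if not call_idx:
            continue
        for i in call_idx:
            if UNCHECKED_CALL.match(stmts[i]):
                findings.append(Finding(name, "unchecked-low-level-call", stmts[i]))
        if "nonReentrant" in modifiers:
            continue   # the lock makes re-entry revert whatever the ordering
        for s in stmts[call_idx[0] + 1:]:
            if STATE_WRITE.match(s) and not LOCAL_DECL.match(s):
                findings.append(Finding(name, "state-write-after-call", s))
                break
    return findings


# Constructed samples: the three withdraw() variants from above plus a token
# reward claim whose state update also trails the external call.
VULNERABLE = """function withdraw(uint amount) external {
    require(balances[msg.sender] >= amount);
    msg.sender.call{value: amount}("");
    balances[msg.sender] -= amount;
}"""
CEI = """function withdraw(uint amount) external {
    require(balances[msg.sender] >= amount);
    balances[msg.sender] -= amount;
    (bool ok,) = msg.sender.call{value: amount}("");
    require(ok);
}"""
GUARDED = """contract Vault is ReentrancyGuard {
    mapping(address => uint) public balances;
    function withdraw(uint amount) external nonReentrant {
        require(balances[msg.sender] >= amount);
        (bool ok,) = msg.sender.call{value: amount}("");
        require(ok);
        balances[msg.sender] -= amount;
    }
}"""
TOKEN_CLAIM = """function claim() external {
    uint owed = rewards[msg.sender];
    token.transfer(msg.sender, owed);
    rewards[msg.sender] = 0;
}"""

if __name__ == "__main__":
    for label, sample in [("vulnerable", VULNERABLE), ("cei", CEI),
                          ("guarded", GUARDED), ("token-claim", TOKEN_CLAIM)]:
        print(label, scan(sample) or "clean")
```

Running it reports two findings for the vulnerable withdraw (the discarded call result and the balance debit after the call), nothing for the checks-effects-interactions and nonReentrant versions, and one ordering finding for the token claim. Its blind spots are the usual ones for a pattern matcher: it does not confirm that an assigned `(bool ok,)` is actually checked with `require(ok)`, it misses state written inside internal functions called after the external call, and it says nothing about cross-function or cross-contract reentrancy where the stale state is read by a different function than the one making the call.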

Try: Web Scanner | Telegram | Dashboard

Scan Any Token for Free

Paste any Base chain token address and get instant safety analysis.

Open Token Safety Scanner →