Introduction
Billions of dollars have been lost to smart contract exploits across DeFi, NFTs, and cross-chain protocols. Despite the diversity of incidents, most of these failures are not random. They follow a small set of recurring, identifiable attack patterns.
For auditors, security researchers, and protocol designers, recognizing these patterns is more valuable than memorizing isolated bugs. The same underlying mechanics appear again and again, only wrapped in different implementations.
Understanding these patterns is a force multiplier for smart contract auditing, enabling faster detection, better threat modeling, and more resilient protocol design.
What Is an Attack Pattern
A vulnerability is a specific flaw in code.
An attack pattern is a repeatable strategy used by attackers to exploit one or more vulnerabilities.
Key distinction
- Vulnerability: missing access control check in a function
- Attack pattern: privilege escalation through improper authorization logic
Attack patterns abstract away implementation details and focus on attacker behavior.
Why this matters
- Multiple vulnerabilities can map to the same attack pattern
- Fixing one bug does not eliminate the pattern
- Attackers think in patterns, not functions
1. Reentrancy Variants
Overview
Reentrancy occurs when an external call allows control flow to return to the calling contract before state changes are finalized.
Real World Example
The DAO hack remains the canonical case, where recursive withdrawals drained funds due to state updates occurring after external calls.
Simplified Solidity Example
function withdraw(uint amount) public {
    require(balances[msg.sender] >= amount);
    // External call runs before the balance is reduced: this is the reentrancy window
    (bool success, ) = msg.sender.call{value: amount}("");
    require(success);
    balances[msg.sender] -= amount;
}
Root Cause
- State updated after external interaction
- Trusting external calls without guardrails
Detection Strategies
- Look for external calls before state updates
- Trace call graphs for recursive entry points
- Identify shared state variables modified post-call
Prevention Techniques
- Checks Effects Interactions pattern
- Reentrancy guards
- Pull over push payment models
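The simplified withdraw() above, rewritten with the first two prevention techniques applied. This is an added example, not code from the original article; the contract name, the deposit() function and the guard modifier are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: hardened counterpart of the simplified withdraw() above.
contract GuardedVault {
    mapping(address => uint256) public balances;

    // 1 = not entered, 2 = entered. Non-zero values keep the slot warm.
    uint256 private _status = 1;

    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external nonReentrant {
        // Checks
        require(balances[msg.sender] >= amount, "insufficient balance");

        // Effects: the balance is final before control leaves this contract,
        // so a callback into withdraw() sees the reduced value.
        balances[msg.sender] -= amount;

        // Interactions
        (bool success, ) = msg.sender.call{value: amount}("");
        require(success, "transfer failed");
    }
}
```

Either measure alone closes the recursive path shown above; the guard additionally covers functions that share the same state but were not reordered.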
2. Oracle Manipulation and Price Exploits
Overview
Protocols relying on manipulable price sources can be exploited through temporary distortions, often using flash loans.
Real World Example
The Mango Markets exploit used price manipulation of thinly traded assets to inflate collateral value and drain liquidity.
Simplified Pseudo Code
price = dex.getPrice(token);
collateralValue = userBalance * price;
require(collateralValue > borrowAmount);
Root Cause
- Reliance on spot prices from low-liquidity markets
- Lack of time weighted or aggregated oracle data
Detection Strategies
- Identify price dependencies
- Evaluate oracle sources and update frequency
- Simulate price manipulation scenarios
Prevention Techniques
- Use time weighted average price (TWAP)
- Aggregate multiple oracle sources
- Cap maximum price deviation per block
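One way to combine a TWAP with a deviation cap for the collateral check in the pseudo code above. This is an added example, not from the original article: both interfaces are hypothetical stand-ins for a protocol's real price sources, and the window and threshold are assumed values. The cap here bounds spot against the TWAP rather than against the previous block.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example. Both interfaces are hypothetical stand-ins for whatever
// spot and time-weighted sources a protocol actually integrates.
interface ISpotSource {
    function getPrice(address token) external view returns (uint256);
}

interface ITwapSource {
    function getTwap(address token, uint32 window) external view returns (uint256);
}

contract GuardedCollateralPricing {
    ISpotSource public immutable dex;
    ITwapSource public immutable twap;

    uint32 public constant TWAP_WINDOW = 1800;       // seconds, assumed value
    uint256 public constant MAX_DEVIATION_BPS = 200; // 2%, assumed value

    constructor(ISpotSource dex_, ITwapSource twap_) {
        dex = dex_;
        twap = twap_;
    }

    // Returns the averaged price and rejects the call when spot has drifted
    // too far from it, which is what a single-block distortion looks like.
    function checkedPrice(address token) public view returns (uint256) {
        uint256 spot = dex.getPrice(token);
        uint256 avg = twap.getTwap(token, TWAP_WINDOW);
        require(avg > 0, "twap unavailable");

        uint256 diff = spot > avg ? spot - avg : avg - spot;
        require(diff * 10_000 <= avg * MAX_DEVIATION_BPS, "spot deviates from twap");
        return avg;
    }

    // Same comparison as the pseudo code above, priced from the guarded value.
    function isSolvent(address token, uint256 userBalance, uint256 borrowAmount)
        external
        view
        returns (bool)
    {
        return userBalance * checkedPrice(token) > borrowAmount;
    }
}
```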
3. Logic and Accounting Errors
Overview
Incorrect assumptions about balances, invariants, or system state can lead to exploitable inconsistencies.
Real World Example
The Nomad bridge exploit involved a flawed initialization that allowed arbitrary message validation.
Simplified Example
function deposit(uint amount) public {
    totalSupply += amount;
    balances[msg.sender] += amount;
}
Missing invariant checks can allow inconsistencies between totalSupply and actual assets.
Root Cause
- Broken invariants
- Incorrect state transitions
- Edge cases not considered
Detection Strategies
- Define and test invariants
- Use fuzzing to explore edge cases
- Compare internal accounting vs actual balances
Prevention Techniques
- Formalize invariants
- Use assertions in critical paths
- Perform differential testing
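The deposit() above with its accounting tied to assets actually received and the invariant asserted on the critical path. This is an added example, not from the original article; the contract name and the minimal IERC20 interface are illustrative, and the token is assumed to return a bool from transferFrom.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal interface for the example; assumes a token that returns bool.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Added example: internal accounting is derived from the measured balance
// change, not from the caller-supplied amount.
contract AccountedPool {
    IERC20 public immutable asset;
    uint256 public totalSupply;
    mapping(address => uint256) public balances;

    constructor(IERC20 asset_) {
        asset = asset_;
    }

    function deposit(uint256 amount) external {
        uint256 held = asset.balanceOf(address(this));
        require(asset.transferFrom(msg.sender, address(this), amount), "transfer failed");

        // Credit what arrived. Fee-on-transfer or otherwise non-standard
        // tokens can deliver less than `amount`.
        uint256 received = asset.balanceOf(address(this)) - held;
        require(received > 0, "nothing received");

        totalSupply += received;
        balances[msg.sender] += received;

        // Invariant: recorded claims never exceed assets actually held.
        assert(totalSupply <= asset.balanceOf(address(this)));
    }
}
```

The same inequality is the property to hand to a fuzzer: it should hold after every sequence of calls, not only after deposit().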
4. Access Control Failures
Overview
Improper authorization allows attackers to execute privileged functions.
Real World Example
Numerous admin key exploits and upgradeability misconfigurations have led to full protocol compromise.
Simplified Example
function mint(address to, uint amount) public {
    _mint(to, amount);
}
No access control means anyone can mint tokens.
Root Cause
- Missing or incorrect modifiers
- Role misconfiguration
- Trust assumptions about msg.sender
Detection Strategies
- Enumerate all privileged functions
- Verify role assignments and modifiers
- Analyze upgradeability patterns
Prevention Techniques
- Use role based access control
- Minimize privileged functions
- Implement timelocks and multisigs
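The mint() above behind a role check, with role changes restricted to a single admin and logged. This is an added example, not from the original article; the contract is a self-contained sketch with illustrative names, and the admin address is assumed to be a multisig behind a timelock.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: role-gated counterpart of the unrestricted mint() above.
contract RoleGatedToken {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    // Assumption: deployed with a timelocked multisig as admin.
    address public immutable admin;
    mapping(bytes32 => mapping(address => bool)) private _roles;

    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    event RoleGranted(bytes32 indexed role, address indexed account);
    event RoleRevoked(bytes32 indexed role, address indexed account);

    constructor(address admin_) {
        require(admin_ != address(0), "admin is zero address");
        admin = admin_;
    }

    modifier onlyAdmin() {
        require(msg.sender == admin, "caller is not admin");
        _;
    }

    modifier onlyRole(bytes32 role) {
        require(_roles[role][msg.sender], "caller lacks role");
        _;
    }

    function grantRole(bytes32 role, address account) external onlyAdmin {
        _roles[role][account] = true;
        emit RoleGranted(role, account);
    }

    function revokeRole(bytes32 role, address account) external onlyAdmin {
        _roles[role][account] = false;
        emit RoleRevoked(role, account);
    }

    // The only externally reachable path to _mint is role-checked.
    function mint(address to, uint256 amount) external onlyRole(MINTER_ROLE) {
        _mint(to, amount);
    }

    function _mint(address to, uint256 amount) internal {
        require(to != address(0), "mint to zero address");
        totalSupply += amount;
        balanceOf[to] += amount;
    }
}
```

The RoleGranted and RoleRevoked events give monitoring a direct signal for the role misconfiguration listed under Root Cause.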
5. Flash Loan Amplified Attacks
Overview
Flash loans allow attackers to access massive capital within a single transaction, amplifying the impact of other vulnerabilities.
Real World Example
The Euler Finance exploit combined flash loans with liquidation logic flaws to extract significant value.
Simplified Flow
1. Borrow large amount via flash loan
2. Manipulate protocol state
3. Exploit vulnerability
4. Repay loan in same transaction
Root Cause
- Assumption that attackers have limited capital
- Failure to model atomic composability
Detection Strategies
- Simulate large capital scenarios
- Analyze composability with other protocols
- Identify functions sensitive to temporary state changes
Prevention Techniques
- Introduce rate limits
- Use sanity checks on state changes
- Design with adversarial liquidity assumptions
Comparative Overview
Auditor Mindset: Thinking in Attack Patterns
Effective smart contract auditing requires shifting from line-by-line inspection to adversarial modeling.
Key principles
- Think in terms of attacker goals, not functions
- Identify value flows before analyzing code
- Map system invariants and attempt to break them
- Assume composability with unknown external systems
Practical approach
- Start with protocol architecture
- Identify critical trust boundaries
- Map attack surfaces to known patterns
Design Principles for Resilient Protocols
1. Assume Adversarial Conditions
Design as if attackers have infinite capital, perfect timing, and deep protocol knowledge.
2. Minimize Trust Surfaces
- Reduce external dependencies
- Isolate critical logic
3. Enforce Invariants
- Explicitly define system invariants
- Continuously validate them
4. Defense in Depth
- Combine multiple safeguards
- Avoid single points of failure
5. Secure Upgradeability
- Use timelocks
- Require multisig approvals
- Audit upgrade paths
Conclusion
Most smart contract exploits are not novel. They are variations of a small number of attack patterns applied to new codebases.
For professionals in Web3 security, mastering these patterns is essential. It enables faster identification of risks, more effective smart contract auditing, and stronger protocol design.
The future of Web3 security depends not on reacting to individual DeFi hacks, but on proactively designing systems that are resilient against entire classes of exploits.
Understanding patterns is the difference between patching bugs and preventing breaches.
Stay adversarial.
5 Attack Patterns Behind Most Smart Contract Exploits was originally published in Coinmonks on Medium.
