Skip to main content
Learn

What Specific Code Vulnerability in the DAO Contract Allowed the Reentrancy?

The contract sent Ether to the user before updating their internal balance, allowing a recursive call to drain more funds.
Greeks.Live05.11.25

What Specific Code Vulnerability in the DAO Contract Allowed the Reentrancy?

The vulnerability was in the DAO's splitDAO function, which was used to withdraw funds. The code first checked the user's balance, then performed an external call to send the user their Ether ( msg.sender.call.value() ), and only after that did it update the internal ledger to reflect the withdrawal.

This violated the Checks-Effects-Interactions pattern. By making the external call before updating the state, it opened the door for the attacker to recursively call the function and withdraw the same funds repeatedly before the balance was set to zero.

What Is a Reentrancy Attack in Smart Contracts?
How Do Solidity Modifiers like Nonreentrant Implement the CEI Principle?
Why Is Updating State before an External Call the Critical Part of the CEI Pattern?
If a User Has an Allowance of 100 Tokens and a Balance of 50, What Is the Maximum the Contract Can Pull?

About

Contact

Editorial Policy

Terms of Service

Privacy Policy

Cookie Policy

© 2025 Greeks.Live

All Rights Reserved

Greeks.Live RFQ

Build by Noo on Engine

Source: The content on this website is produced by Greeks.live's proprietary analysis systems, which utilize advanced Large Language Models (LLMs). This information might not be subject to a full human review before publication and may contain errors.
Responsibility: You should not make any financial decisions based solely on the content presented here. We strongly urge you to conduct your own rigorous due diligence and to consult a qualified, independent financial advisor.
Purpose: All information is intended for informational purposes only. It should not be construed as financial, investment, trading, or any other form of professional advice. News and data are not trading signals.
Risk: The cryptocurrency, derivatives, and options markets are highly volatile and carry significant risk. By using this site, you acknowledge these risks and agree that Greeks.live and its affiliates are not responsible for any financial losses you may incur.