Introduction: Why the Same Vulnerabilities Keep Recurring
According to Chainalysis, 73% of DeFi hacks in 2023 originated from already-known vulnerability patterns. Failures to prevent known issues far outnumber novel attack vectors.
1. Access Control Vulnerabilities
Case study: 2022 Ronin Bridge ($625M) — validator private keys compromised
// ⚠️ Vulnerable: no onlyOwner check
contract VulnerableToken {
mapping(address => uint256) public balances;
// Anyone can call — unlimited minting possible
function mint(address to, uint256 amount) external {
balances[to] += amount;
}
}
// ✅ Safe: access control added
import "@openzeppelin/contracts/access/Ownable.sol";
contract SecureToken is Ownable {
mapping(address => uint256) public balances;
function mint(address to, uint256 amount) external onlyOwner {
balances[to] += amount;
}
}
Detection: Slither's suicidal and unprotected-ether-withdrawal detectors flag unprotected sensitive functions.
2. Integer Overflow / Underflow
Case study: 2018 BatchOverflow (BEC Token) — trillions of tokens illegally minted
// ⚠️ Solidity 0.7.x and below — overflow occurs
contract OldToken {
mapping(address => uint8) public balances;
function transfer(address to, uint8 amount) external {
// uint8 max = 255. If balances[msg.sender] = 5, amount = 250:
// 5 - 250 = overflow → 11 (wraparound)
balances[msg.sender] -= amount;
balances[to] += amount;
}
}
// ✅ Solidity 0.8.0+: automatic overflow checks
// Or use OpenZeppelin SafeMath for 0.7.x and below
contract NewToken {
mapping(address => uint256) public balances;
function transfer(address to, uint256 amount) external {
// 0.8.0+ automatically reverts on overflow
balances[msg.sender] -= amount;
balances[to] += amount;
}
}
Key point: Use Solidity 0.8.0 or later. If using unchecked blocks, manual validation is essential.
3. Price Oracle Manipulation
Case studies: 2020 Harvest Finance ($34M), 2020 bZx ($1M)
On-chain oracles (e.g., Uniswap spot price) can be manipulated within a single transaction.
// ⚠️ Vulnerable: directly using current block's spot price
contract VulnerableLending {
IUniswapV2Pair public pair;
function getCollateralPrice() public view returns (uint256) {
(uint112 reserve0, uint112 reserve1,) = pair.getReserves();
// Reserves can be manipulated via flash loan, distorting the price
return reserve1 * 1e18 / reserve0;
}
}
// ✅ Safe: using Chainlink TWAP (Time-Weighted Average Price)
import "@chainlink/contracts/src/v0.8/interfaces/AggregatorV3Interface.sol";
contract SecureLending {
AggregatorV3Interface internal priceFeed;
function getCollateralPrice() public view returns (uint256) {
(, int256 price,, uint256 updatedAt,) = priceFeed.latestRoundData();
require(block.timestamp - updatedAt < 1 hours, "Stale price");
return uint256(price);
}
}
4. Flash Loan Attacks
Case studies: 2021 PancakeBunny ($45M), 2022 Mango Markets ($114M)
Flash loans allow borrowing millions of dollars without collateral and repaying within a single transaction. Vulnerable protocols can be exploited to manipulate prices or seize governance.
Attack flow:
1. Borrow 10,000 ETH via flash loan
2. Execute a large buy on a DEX → token price spikes
3. Take out a loan against the overvalued collateral on the vulnerable protocol
4. Extract assets before the price drops
5. Repay the flash loan
6. Pocket the profit
Defense strategies:
- Use Chainlink external oracles (TWAP preferred)
- Apply circuit breakers for large price swings within a single block
- Governance: only recognize voting power from snapshots taken before the proposal block
5. Front-Running (MEV)
Impact: Uniswap traders lose hundreds of millions of dollars annually to MEV bots
// ⚠️ Vulnerable: transaction details exposed in the mempool
function buyToken(uint256 maxPrice) external payable {
uint256 currentPrice = getTokenPrice(); // readable from mempool
require(currentPrice <= maxPrice);
_executeBuy(msg.value);
}
Defense strategies:
- Set explicit slippage tolerance
- Commit-Reveal pattern: submit an encrypted intent first, reveal later
- Use Flashbots / private mempool to prevent transaction exposure
// ✅ Commit-Reveal pattern
contract SecureAuction {
mapping(bytes32 => address) public commitments;
// Step 1: submit bid as a hash only
function commit(bytes32 hashedBid) external {
commitments[hashedBid] = msg.sender;
}
// Step 2: reveal the hash (after a timelock)
function reveal(uint256 bidAmount, bytes32 salt) external {
bytes32 hash = keccak256(abi.encodePacked(bidAmount, salt));
require(commitments[hash] == msg.sender);
// Process the actual bid
}
}
Automated Vulnerability Detection Tool Comparison
| Vulnerability | Slither | Mythril | Semgrep | Aderyn | AI (ContractScan) |
|---|---|---|---|---|---|
| Access Control | ✅ High | ✅ Medium | ✅ High | ✅ Medium | ✅ Context-aware |
| Integer Overflow | ✅ High | ✅ High | ✅ Medium | ✅ High | ✅ |
| Reentrancy | ✅ High | ✅ High | ✅ Medium | ✅ Medium | ✅ |
| Oracle Manipulation | ⚠️ Low | ⚠️ Low | ⚠️ Low | ⚠️ Low | ✅ Semantic |
| Front-running | ⚠️ Low | ⚠️ Low | ⚠️ Low | ⚠️ Low | ✅ Logic-aware |
AI-based analysis can identify business logic vulnerabilities through contextual understanding that static analysis tools miss. No single tool catches everything — which is why multi-engine scanning is the industry standard for serious audits.
ContractScan runs all five engines (Slither, Mythril, Semgrep, Aderyn, AI) in parallel and produces a unified report. Try a free QuickScan — no sign-up required.
Want a hands-on comparison of Slither, Mythril, and Semgrep? Read our security tools comparison guide.
Important Notes
This post is for informational and educational purposes only. It does not constitute financial, legal, or investment advice. The security analysis provided is based on available data and automated tools, which may not capture all potential vulnerabilities. Always conduct a professional audit before deploying smart contracts.