The Big Five Smart Contract Vulnerabilities Behind the Most Devastating Hacks: A 2025 Postmortem
Last week I wrote about delegatecall mishaps, and earlier this month we unpacked flash‑loan chaos. Today, let’s stitch the narrative together and examine the five recurring smart‑contract flaws that still drain billions.
---
Why Another Postmortem?
Because postmortems work. They transform painful incidents into actionable knowledge. By placing the most common exploit classes side by side, we can spot the shared root causes — and design layered defenses.
Below, each section follows the same structure:
- What it is
- Real‑world breach
- Exploit flow
- Root cause
- Prevention checklist
---
1. Reentrancy (“The DAO” Pattern)
Breach: The DAO (2016) — $60M drained
An external call inside `withdraw()` let the attacker recursively re‑enter the function before its state variables were updated.
Exploit Flow
- Attacker calls `withdraw()`.
- Contract sends ETH before setting the balance to `0`.
- Fallback re‑enters `withdraw()` repeatedly.
Root Cause: State changes after external calls.
Prevention Checklist
- Use the checks‑effects‑interactions pattern.
- Guard with a reentrancy mutex (`ReentrancyGuard`).
- Favor pull over push payments.
---
2. Flash‑Loan‑Driven Liquidity Manipulation
Breach: bZx (2020) — $8.1M across three incidents
Exploit Flow
- Borrow large capital via flash loan.
- Manipulate DEX price oracle within same tx.
- Open under‑collateralized position / drain pool.
Root Cause: Reliance on on‑chain spot prices without TWAP oracles.
Prevention Checklist
- Use time‑weighted average price (TWAP) feeds.
- Cap slippage; add circuit breakers.
- Isolate lending pools per asset.
---
3. Access‑Control & `delegatecall` Confusion
(Covered in detail here but summarized for completeness.)
Breach: Parity Multisig (2017) — $150M frozen
Exploit Flow
- Library contract lacked `onlyOwner` on `initWallet`.
- Attacker became owner, then killed the library.
Root Cause: Unprotected initialization + dangerous `delegatecall` context.
Prevention Checklist
- Initialize once; lock constructors.
- Use OpenZeppelin’s `Ownable` or `AccessControl`.
- Avoid `delegatecall` unless absolutely required.
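A Parity‑style unprotected initializer beside an initialize‑once version, together with the minimal wallet that reaches the library through `delegatecall`, as an added example that is neither the Parity code nor code from the original post. Contract and function names are hypothetical, and the once‑only guard and owner check are hand‑written where OpenZeppelin's `Initializable` and `Ownable` would normally be used:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration (not the Parity code, not from the original post):
// an unprotected initializer beside one that can run only once and is
// owner-gated afterwards. All names are hypothetical.

// VULNERABLE: anyone can call initWallet() at any time and become owner,
// both through a wallet's delegatecall and directly on the library's own
// storage, because nothing records that initialization already happened.
contract VulnerableWalletLibrary {
    address public owner;

    function initWallet(address _owner) public {
        owner = _owner; // no check that an owner was already set
    }
}

// HARDENED: initialize exactly once, then gate changes behind the owner.
contract SafeWalletLibrary {
    address public owner;        // slot 0
    bool private _initialized;   // slot 1

    // "Lock the constructor": mark the library's OWN storage as initialized
    // so nobody can claim the library itself (OpenZeppelin exposes this as
    // _disableInitializers()). Wallets delegatecalling in use their own
    // storage, where _initialized starts out false.
    constructor() {
        _initialized = true;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    function initialize(address _owner) external {
        require(!_initialized, "already initialized");
        require(_owner != address(0), "zero owner");
        _initialized = true;
        owner = _owner;
    }

    function transferOwnership(address newOwner) external onlyOwner {
        require(newOwner != address(0), "zero owner");
        owner = newOwner;
    }
}

// Minimal wallet that borrows the library's code via delegatecall. Its
// storage layout must match the library's (owner in slot 0, flag in slot 1)
// because delegatecall executes the library against THIS contract's storage.
contract Wallet {
    address public owner;        // slot 0, same layout as the library
    bool private _initialized;   // slot 1
    address public immutable lib;

    constructor(address _lib, address _owner) {
        lib = _lib;
        (bool ok, ) = _lib.delegatecall(
            abi.encodeWithSignature("initialize(address)", _owner)
        );
        require(ok, "init failed");
    }

    // Every other call is forwarded; a second initialize() now reverts
    // because _initialized is already true in the wallet's storage.
    fallback() external payable {
        (bool ok, bytes memory ret) = lib.delegatecall(msg.data);
        require(ok, "delegatecall failed");
        assembly { return(add(ret, 32), mload(ret)) }
    }

    receive() external payable {}
}
```

The two defenses are independent: the `_initialized` flag stops re‑initialization of any wallet, and the library constructor's flag stops the library's own storage from ever being claimed, which is the path the checklist's "lock constructors" item refers to.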
---
4. Integer Overflow & Underflow
Breach: Fei Rari Fuse (2022) — $80M lost
Exploit Flow
- Crafted input caused a math underflow in `supply()`.
- Bypass collateral checks; mint excess tokens.
Root Cause: Custom math without SafeMath (pre‑0.8) or unchecked blocks (post‑0.8).
Prevention Checklist
- Solidity >=0.8 auto‑reverts on overflow — keep the compiler up to date.
- Use `unchecked {}` only with explicit bounds checks.
- Fuzz test with extreme values.
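Checked arithmetic, a correctly bounded `unchecked` block and a Foundry fuzz test that feeds extreme values, as an added example that is not taken from the original post or from the Fuse code base. `Ledger` and `LedgerTest` are hypothetical, and the file assumes a Foundry project with `forge-std` installed (drop the test contract and the import to compile the ledger alone):

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration (not from the original post or the Fuse code base):
// a minimal balance ledger showing checked arithmetic, an unchecked block
// justified by an explicit bound, and a Foundry fuzz test. Names are
// hypothetical; the import assumes forge-std is installed.
import "forge-std/Test.sol";

contract Ledger {
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    // Unrestricted for the illustration; a real token gates this.
    function mint(address to, uint256 amount) external {
        // >=0.8: both additions revert on overflow automatically, so
        // sum(balanceOf) == totalSupply <= type(uint256).max always holds.
        totalSupply += amount;
        balanceOf[to] += amount;
    }

    // Explicit bound first, then unchecked math that the bound makes safe:
    // the require guarantees fromBal - amount cannot wrap, and the supply
    // invariant above guarantees balanceOf[to] + amount cannot overflow.
    function transfer(address to, uint256 amount) external {
        uint256 fromBal = balanceOf[msg.sender];
        require(fromBal >= amount, "insufficient balance");
        unchecked {
            balanceOf[msg.sender] = fromBal - amount;
            balanceOf[to] += amount;
        }
    }
}

// Foundry fuzz test: the runner supplies random uint256 inputs, including
// 0 and 2**256-1, so both the revert path and the unchecked path are hit.
contract LedgerTest is Test {
    Ledger ledger;
    address alice = address(0xA11CE);
    address bob = address(0xB0B);

    function setUp() public {
        ledger = new Ledger();
    }

    function testFuzz_TransferNeverWraps(uint256 minted, uint256 sent) public {
        ledger.mint(alice, minted);
        if (sent > minted) {
            vm.expectRevert(bytes("insufficient balance"));
            vm.prank(alice);
            ledger.transfer(bob, sent);
        } else {
            vm.prank(alice);
            ledger.transfer(bob, sent);
            assertEq(ledger.balanceOf(alice), minted - sent);
            assertEq(ledger.balanceOf(bob), sent);
            assertEq(ledger.totalSupply(), minted);
        }
    }
}
```

Run with `forge test --match-test testFuzz_TransferNeverWraps`. If the `require` in `transfer` is deleted, the fuzzer finds an input with `sent > minted` within a few runs and reports a balance that wrapped to near `2**256`, which is exactly the class of failure the checklist's "extreme values" item targets.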
---
5. Oracle Manipulation
Breach: Harvest Finance (2020) — $34M drained
Exploit Flow
- Flash loan to swing Curve pool prices.
- Deposit & withdraw from Harvest at skewed NAV.
Root Cause: Protocol read raw pool balances as price oracle.
Prevention Checklist
- Use off‑chain oracles (Chainlink) with deviation limits.
- Validate price feeds across multiple sources.
- Pause deposits on >X% deviation.
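A time‑weighted price accumulator with a deviation circuit breaker, serving both the flash‑loan section above and this one, as an added example that is not code from the original post, bZx or Harvest. `IPriceSource`, `TwapGuardedOracle` and every parameter are hypothetical stand‑ins for a DEX cumulative‑price reader and a Chainlink‑style reference feed:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration (not code from the original post, bZx or Harvest):
// a time-weighted price accumulator with a deviation circuit breaker, so a
// price swung by a flash loan inside one transaction is not the price the
// protocol acts on. IPriceSource and all names are hypothetical; a real
// deployment reads a DEX's cumulative counters and a Chainlink feed.

interface IPriceSource {
    function spotPrice() external view returns (uint256); // scaled by 1e18
}

contract TwapGuardedOracle {
    IPriceSource public immutable dex;        // manipulable on-chain source
    IPriceSource public immutable reference;  // independent reference feed
    uint256 public immutable maxDeviationBps; // e.g. 500 = 5%
    uint256 public immutable window;          // seconds per TWAP period
    address public immutable owner;

    uint256 public lastPrice;        // price in force since lastTimestamp
    uint256 public lastTimestamp;
    uint256 public priceCumulative;  // sum of price * seconds
    uint256 public windowStartCumulative;
    uint256 public windowStartTimestamp;
    uint256 public twap;             // TWAP of the last completed window
    bool public paused;

    event Tripped(uint256 spot, uint256 twap, uint256 reference);

    constructor(IPriceSource _dex, IPriceSource _reference, uint256 _maxDeviationBps, uint256 _window) {
        dex = _dex;
        reference = _reference;
        maxDeviationBps = _maxDeviationBps;
        window = _window;
        owner = msg.sender;
        lastPrice = _dex.spotPrice();
        twap = lastPrice;            // seed until the first window completes
        lastTimestamp = block.timestamp;
        windowStartTimestamp = block.timestamp;
    }

    // Anyone may call this (typically a keeper, once per block).
    function update() public {
        uint256 elapsed = block.timestamp - lastTimestamp;
        if (elapsed > 0) {
            // Weight the price that held during the elapsed interval, not
            // the price a swap in this same transaction may just have set.
            priceCumulative += lastPrice * elapsed;
            lastTimestamp = block.timestamp;
            if (block.timestamp - windowStartTimestamp >= window) {
                twap = (priceCumulative - windowStartCumulative)
                     / (block.timestamp - windowStartTimestamp);
                windowStartCumulative = priceCumulative;
                windowStartTimestamp = block.timestamp;
            }
        }
        lastPrice = dex.spotPrice();
    }

    // Price the lending or vault logic should use. Reverts, rather than
    // returning a skewed value, when spot disagrees with the TWAP or with
    // the reference feed by more than maxDeviationBps.
    function checkedPrice() external returns (uint256) {
        require(!paused, "oracle paused");
        update();
        uint256 spot = lastPrice;
        require(_deviationBps(spot, twap) <= maxDeviationBps, "spot/TWAP deviation");
        require(_deviationBps(spot, reference.spotPrice()) <= maxDeviationBps, "spot/reference deviation");
        return twap;
    }

    // Circuit breaker a monitoring bot can trip; unlike a revert, it persists
    // until an operator reviews and unpauses.
    function tripBreaker() external {
        update();
        uint256 ref = reference.spotPrice();
        if (_deviationBps(lastPrice, twap) > maxDeviationBps || _deviationBps(lastPrice, ref) > maxDeviationBps) {
            paused = true;
            emit Tripped(lastPrice, twap, ref);
        }
    }

    function unpause() external {
        require(msg.sender == owner, "not owner");
        paused = false;
    }

    function _deviationBps(uint256 a, uint256 b) internal pure returns (uint256) {
        if (b == 0) return type(uint256).max;
        uint256 diff = a > b ? a - b : b - a;
        return diff * 10_000 / b;
    }
}
```

Two design points worth noting. `update()` credits the elapsed interval to the price that was in force before the current transaction, so a swap that moves the spot price only gains weight if it survives into later blocks, which an attacker has to pay to maintain. And `checkedPrice()` never returns the spot price at all: it returns the TWAP, and the spot value is used only to decide whether the market is in a state the protocol should refuse to act on. This contract still trusts `dex.spotPrice()` at the moment of the last `update()`; a production oracle reads the DEX's own cumulative counters so that every swap is weighted, not just the ones a keeper happens to observe.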
---
Defense‑in‑Depth Checklist for 2025
- Automated static analysis: Slither, MythX, Echidna fuzzing.
- Runtime monitoring: Forta bots, on‑chain anomaly detection.
- Bug bounties: Public programs on Immunefi & HackenProof.
- Timelocks & pausability: Delay critical changes; add circuit breakers.
- Layered reviews: Internal + external audits + community contest.
Security is a process, not a product. Every line of code is a potential liability — treat it accordingly.
---
Further Reading
- Flash Loans, Cross‑Chain Bridges, and Governance
- When Permissions Go Wrong
- Integer Overflow & Underflow
Thanks for reading — let’s keep building and securing the decentralized future.