Hacks Demonstrated and Explained Discussion

Feel free to ask questions or discuss below!

It’s instructive to replicate the DAO hack, thanks for the example.

One critical concept that I overlooked is the fact that the Attacker contract has to have a balance in the DAO contract which is accomplished by using the Attacker.payMe() function call when setting things up. It would’ve been more clear to me to name it say Attacker.contribute() to reiterate that the attacker contract is obtaining a balance in the DAO with it’s address so it can successfully pull off the hack.

On the DAO hacks section I didn’t know if you were going to include the code, like I’ve seen Filip do, so I started coding the contract from scratch as you did and that was educational on it’s own. I made a couple mistakes, one was not including payable on the anonymous function of the Attacker contract which was the hardest to trouble shoot, but it a learning experience to make it work like it should.

Great demonstration of DAO hack, thank you!

What is going in my mind is what basically happen if sending of Ether somehow fails
but balance was already set to 0. Does in this case contract trying to retrieve Ether is left without money,
because balance was set to 0, but transaction has failed?

I’m trying to create this case, but I can’t find the way to make transaction fail,
but surely in real world scenario this can happen.