Open Collections

Abstract

Reentrancy attacks remain among the most damaging threats to blockchain smart contracts, causing significant financial losses despite years of research. This thesis investigates reentrancy vulnerabilities through two complementary contributions: a large-scale empirical study of real-world attacks and an automated analysis tool. We conduct the most comprehensive empirical analysis of reentrancy attacks to date, examining 73 confirmed incidents across EVM-compatible blockchains from 2016 to 2024. Using integrated qualitative and quantitative methodologies, we analyze attacks across seven dimensions: blockchain network, reentrancy scope, entry point, financial impact, attack strategy, vulnerability origin, and exploitation timeline. Our findings reveal that reentrancy attacks have evolved significantly, with cross-function attacks now comprising 42.3% of incidents and entry points diversifying beyond the classic fallback function. We identify seven distinct attack strategies, show that attackers increasingly deploy malicious contracts within exploit transactions to evade detection, and expose critical gaps between academic assumptions and real-world attack characteristics. Building on these insights, we introduce ReSect, the first automated tool for post-mortem analysis of reentrancy exploits. ReSect automates detection and characterization of reentrancy patterns in transaction call traces, addressing the bottleneck of manual analysis. The tool employs novel algorithms, including an address grouping heuristic based on authorial provenance for distinguishing attacker from victim contracts, and a stateful trace traversal algorithm for pattern detection. Our evaluation shows ReSect achieves 95.6% detection recall and 98.5% characterization accuracy, with a false positive rate below 10^-5 and typical latency of 40 milliseconds—enabling potential real-time application. Together, these contributions provide foundational understanding and practical tooling for advancing blockchain security, challenging outdated assumptions about reentrancy and establishing a new paradigm for automated exploit analysis.