Ethereum Smart Contract Bugs

The cluster focuses on security vulnerabilities, bugs, and exploits in Ethereum smart contracts, frequently referencing the DAO hack, hard forks, and the challenges of writing immutable, secure code that handles real financial value.

📉 Falling 0.1x Finance & Crypto

2,454

Comments

Years Active

Top Authors

#8046

Topic ID

Activity Over Time

2009

2011

2012

2013

2014

2015

2016

400

2017

621

2018

214

2019

2020

2021

433

2022

442

2023

2024

2025

2026

Top Contributors

DennisP (30) Animats (19) mannykannot (17) dmitriid (17) naasking (15)

Keywords

IT IMO partnerly.co EVM dasp.co OOP vitalik.ca QA VM legitimacy.html ethereum contracts smart contracts smart code bugs bug contract audit immutable

Sample Comments

m3ta • Mar 17, 2017 • View on HN

Ethereum tried this, and a bug in the code lead to millions of dollars of value lost. They ended up hard-forking the code by changing it to match the intended outcome of the code, thus reversing the actual outcome of the execution of that code.Eventually you'll have millions of lines of code, and within those millions of lines of code there will be a bug. It's no different than writing a legal contract in English. In both cases you can only do your best to make sure there is no misu

tonyjstark • Feb 8, 2021 • View on HN

what if the "smart" contract has a bug?Also now I have to trust the smart contract developer

s73ver_ • Nov 17, 2017 • View on HN

Hell, what happens if the "smart contract" is poorly coded, and someone exploits it?

patmcguire • Aug 1, 2017 • View on HN

I believe it's not core Ethereum that has issues, it's buggy smart contracts. They don't make it particularly difficult to write insecure contracts, though.

cfcosta • May 16, 2021 • View on HN

I'd say this is a problem of a really new tech, with the advanced attack vectors and methodologies we have nowadays.Thankfully, other cryptos (such as Cardano) are building their smart contract platform with correctness/security in mind (compiler checks and so on), so we might see less problems like this.

gcr • Dec 14, 2022 • View on HN

Remember what happened with the 2016 Ethereum DAO?Even expert programmers aren't able to check smart contracts for all possible issues.

xiphias • Nov 3, 2017 • View on HN

Ethereum just had a hard fork where a ,,quick patch'' for a bug was created 2 days before the fork. The developers didn't agree if there should be a hard fork or no at that point. I would never put my money on a system like this, and I would never roll out a system like this where I can make tens of billions of dollars of damage so easily.Also people who were using an official Ethereum multi-sig wallet to be extra safe lost real money, because the devs don't even bother te

wrinkl3 • Aug 11, 2021 • View on HN

That's about as advisable as asking it to write firmware for a pacemaker. Smart contracts are some of the most delicate codebases - even a tiny bug can cause you to lose a lot of money. With a model like this bugs are very likely, especially in such a niche domain.

pavel_lishin • May 1, 2017 • View on HN

I'd be incredibly wary of using Ethereum contracts for this. The DAO has shown that writing software is apparently difficult.

spookthesunset • Aug 10, 2021 • View on HN

> Ethereum has had lots of these hacks, due to bugs in the smart contracts provided.Code is law, bro. These aren't hacks or bugs. They are inert chunks of code that all play by. Even "bugs" in the execution engine are fair game when code is law...The fine folks who carefully investigated the DAO smart contract and transferred lots of its value to their possession are just as entitled to that wealth as the people who possessed it in the first place. There was no hacking an