Reentrancy

A vulnerability where an external call lets the caller re-enter the original function before state updates settle.

The original DAO hack (2016) was a reentrancy exploit. Standard Solidity defenses (nonReentrant modifiers, the checks-effects-interactions pattern) make this rare in audited code, but cross-contract reentrancy (e.g., via callbacks in token-receiver hooks) still surfaces in novel designs.
