Reentrancy Attack is a type of attack against smart contracts where an attacker repeatedly calls functions external to the contract before the previous transaction has finished processing.
This allows the attacker to drain funds or change the state of the contract in an undesirable way before the contract realizes the previous state change.
A reentrancy attack occurs when a smart contract calls another contract before updating its own state. In this attack, the attacker can make a series of re-calls to the original contract, so that the contract continues to transfer funds without realizing that the value inside has been reduced.
This kind of attack often occurs on smart contracts written with loopholes in their programming logic. To prevent these attacks, developers typically use design patterns such as “checks-effects-interactions,” “The security team discovered a reentrancy attack loophole in our contract that could allow the theft of funds.”