How to avoid call-stack attack in the case of absence of EIP-150?

Question

While before EIP-150, could we avoid the call-stack attack by checking return value, of low-level functions .send(), .call(), .delegatecall() and .staticcall(), whether is false or not?

For example (msg.sender is a contract):

...
msg.sender.send(amount);
...

changing to:

...
if(!msg.sender.send(amount)) revert Error("Call failed!");
...

Whole contract in: https://hackernoon.com/smart-contract-attacks-part-2-ponzi-games-gone-wrong-d5a8b1a98dd8

score 0 · Accepted Answer · answered Mar 21 '22 at 21:56

I found the answer: Nope. Because, in this attack, call-stack slots are filled before execution reaches return of calling contract. A way of preventing could be calculating expected amount of required gas for called function; setting the gas amount of calling function with respect to this.

How to avoid call-stack attack in the case of absence of EIP-150?

1 Answers1