Smart Contract Exploitation – Web3 Attack Matrix

Attackers use vulnerabilities of smart contract to exploit them by creating or spoofing transactions. Example Frontrunning: Frontrunning is the takeover of an unconfirmed transaction created by another person by paying higher transaction fees and changing the priority of transactions for miners. On Ethereum all unconfirmed transactions are visible to everyone in the mempool before a miner includes them in a block. Attackers can exploit this circumstance to manipulate coin/token prices in decentralized exchanges (see sandwich attack).

Sub techniques (1)

ID	Name
R01	Smart contract vulnerability scan

Mitigations

ID	Mitigation	Description
M01	Audit	DAO projects should commission audits before the go live of their smart contracts.
M02	Check smart contract	Investors with an affinity for technology should check the lines of code of the smart contract on their own before investing.