Read-Only Reentrancy: The Silent Price Oracle Killer Every DeFi Protocol Still Gets Wrong

Traditional reentrancy has a signature that every auditor can spot — a state change after an external call. But read-only reentrancy hides in plain sight: it targets view functions that return stale data during an ongoing callback, poisoning every pr...