Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rename reentrancy guard #102

Open
adlerjohn opened this issue Oct 31, 2022 · 1 comment
Open

Rename reentrancy guard #102

adlerjohn opened this issue Oct 31, 2022 · 1 comment

Comments

@adlerjohn
Copy link
Contributor

adlerjohn commented Oct 31, 2022
edited
Loading

Either rename or better document the reentrancy guard. The guard only protects against control flow hijacking on a single contract, not multiple trusted contracts working together. While the latter case may be less common on Fuel due to a larger contract size limit, it will still happen.

See more: https://inspexco.medium.com/cross-contract-reentrancy-attack-402d27a02a15

The guard should also be documented to not be needed if CEI is followed, which is enforced by the compiler.
@nfurfaro nfurfaro self-assigned this Jan 25, 2023
@nfurfaro nfurfaro mentioned this issue Jan 25, 2023
Closed
@mohammadfawaz mohammadfawaz transferred this issue from FuelLabs/sway Feb 20, 2023
@mohammadfawaz mohammadfawaz changed the title Rename stdlib reentrancy guard Rename reentrancy guard Feb 20, 2023
@mohammadfawaz
Copy link

cc @jtriley-eth - I transferred this issue from the Sway repo.

@yorhodes yorhodes mentioned this issue Apr 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Better document reentrancy_guard() FuelLabs/sway
3 participants
@adlerjohn @nfurfaro @mohammadfawaz