Skip to content

feat: reentrancy.Guard for stateful precompiles #212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Oct 3, 2025
Merged

feat: reentrancy.Guard for stateful precompiles #212

merged 12 commits into from
Oct 3, 2025

Conversation

ARR4N
Copy link
Collaborator

@ARR4N ARR4N commented Aug 6, 2025
edited
Loading

Why this should be merged

The vm.PrecompileEnvironment.Call() method requires careful usage because of reentrancy vulnerabilities (this is common to all outgoing CALLs in the EVM, not just stateful precompiles). This package provides a common method of protection, a reentrancy guard.

How this works

Provides a function that returns vm.ErrExecutionReverted if called twice, by the same contract, in the same transaction, with the same identifier.

How this was tested

Integration test.

@ARR4N ARR4N changed the title feat: PrecompileEnvironment.ReentrancyGuard() feat: reentrancy.Guard Sep 25, 2025
@ARR4N ARR4N self-assigned this Sep 25, 2025
@ARR4N ARR4N marked this pull request as ready for review September 25, 2025 11:34
@ARR4N ARR4N requested a review from a team September 25, 2025 11:34
@ARR4N ARR4N changed the title feat: reentrancy.Guard feat: reentrancy.Guard for stateful precompiles Sep 25, 2025
michaelkaplan13
michaelkaplan13 reviewed Oct 3, 2025
View reviewed changes
michaelkaplan13
michaelkaplan13 approved these changes Oct 3, 2025
View reviewed changes
Copy link
Collaborator

@michaelkaplan13 michaelkaplan13 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense and seems intuitive to use from a developer perspective.

The only example use case I can think of that the existing test doesn't cover is having multiple guards with different keys protecting different functions within a single precompile, and confirming calls to the other function can still be made.

Not strictly necessary for this PR though.

@ARR4N
Copy link
Collaborator Author

ARR4N commented Oct 3, 2025

Not strictly necessary for this PR though.

It was trivial to add so I included it. Thanks for the review.

@ARR4N ARR4N enabled auto-merge (squash) October 3, 2025 19:45
@ARR4N ARR4N merged commit 910e897 into main Oct 3, 2025
12 checks passed
@ARR4N ARR4N deleted the arr4n/reentrancy-guard branch October 3, 2025 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelkaplan13 michaelkaplan13 michaelkaplan13 approved these changes

Assignees

@ARR4N ARR4N

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ARR4N @michaelkaplan13