Created
August 1, 2022 12:25
-
-
Save parseb/67374bedada3e3845a98a4ce7e638ddd to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // SPDX-License-Identifier: MIT | |
| pragma solidity 0.8.15; | |
| /// Q: Can I use declared return values to prevent reentrancy attacks? | |
| /// A: No. | |
| /// @notice return values of function are reinitialized on each unique entry and as such cannot prevent rerentry attacks | |
| /// pattern might be useful if return value is global | |
| contract Reentrance { | |
| uint public fliptest1; | |
| Attacker A; | |
| constructor() { | |
| A = new Attacker(); | |
| } | |
| error cannotReenter(uint x, bool z); | |
| bool s; | |
| function notReentrant() public returns (bool) { | |
| if(s) revert cannotReenter(fliptest1, s); | |
| s= true; | |
| bytes memory b = abi.encode(msg.sig); | |
| unchecked { ++fliptest1; } | |
| if (fliptest1 > 10) return s; | |
| A.reEnter(b); | |
| } | |
| function getFlip2() public view returns (uint) { | |
| return A.fliptest2(); | |
| } | |
| } | |
| contract Attacker { | |
| uint public fliptest2; | |
| function reEnter(bytes memory sig_) public { | |
| msg.sender.call(sig_); | |
| unchecked { ++fliptest2; } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment