Back
Lesson 18:
Reentrancy Locks
Introduction to Vyper's built-in Reentrancy locks
Progress: 0%
Visit desktop version for better experiences.
Reentrancy Locks
Reentrancy attacks are malicious exploits which allows external contract to reenter original actions recursively, to drain funds or manipulate state.
Vyper has built-in @nonreentrant
decorator to prevent reentrancy attacks.
SampleContract.vy
# pragma version 0.4.0
@external
def vulnerable_function():
raw_call(msg.sender, b"Hello, World!")
@external
@nonreentrant
def nonreentrant_function():
raw_call(msg.sender, b"Hello, World!")
ℹ️ Note
Learn more about the built-in
raw_call
function here
AttackerContract.vy
# pragma version ^0.4.0
interface ExampleInterface:
def vulnerable_function(): nonpayable
def nonreentrant_function(): nonpayable
interface_reference: public(ExampleInterface)
entrant_count: public(uint256)
@deploy
def __init__(contract_addr: address):
self.interface_reference = ExampleInterface(contract_addr)
@external
@payable
def __default__():
if self.entrant_count < 2:
self.entrant_count += 1
# switch `vulnerable_function` with `nonreentrant_function` to see the difference
extcall self.interface_reference.vulnerable_function()
@external
def reset():
self.entrant_count = 0
@external
def test_function():
# switch `vulnerable_function` with `nonreentrant_function` to see the difference
extcall self.interface_reference.vulnerable_function()
Vyper Differentiators
Vyper has built-in Reentrancy lock (
@nonreentrant
) to prevent reentrancy attacks.