Back

Lesson 18:
Reentrancy Locks

Introduction to Vyper's built-in Reentrancy locks

Progress: 0%

Visit desktop version for better experiences.

Reentrancy Locks

Reentrancy attacks are malicious exploits which allows external contract to reenter original actions recursively, to drain funds or manipulate state.

Vyper has built-in @nonreentrant decorator to prevent reentrancy attacks.

SampleContract.vy

# pragma version 0.4.0 @external def vulnerable_function(): raw_call(msg.sender, b"Hello, World!") @external @nonreentrant def nonreentrant_function(): raw_call(msg.sender, b"Hello, World!")

ℹ️ Note

Learn more about the built-in raw_call function here

AttackerContract.vy

# pragma version ^0.4.0 interface ExampleInterface: def vulnerable_function(): nonpayable def nonreentrant_function(): nonpayable interface_reference: public(ExampleInterface) entrant_count: public(uint256) @deploy def __init__(contract_addr: address): self.interface_reference = ExampleInterface(contract_addr) @external @payable def __default__(): if self.entrant_count < 2: self.entrant_count += 1 # switch `vulnerable_function` with `nonreentrant_function` to see the difference extcall self.interface_reference.vulnerable_function() @external def reset(): self.entrant_count = 0 @external def test_function(): # switch `vulnerable_function` with `nonreentrant_function` to see the difference extcall self.interface_reference.vulnerable_function()
Vyper Differentiators
  • Vyper has built-in Reentrancy lock (@nonreentrant) to prevent reentrancy attacks.

Further Reading:

© 2025 Scroll Foundation | All rights reserved

Terms of UsePrivacy Policy