Skip to content

Commit 08bd6ab

Browse files
authored
audit: add nonreentrant modifiers (#419)
1 parent 43b4797 commit 08bd6ab

3 files changed

Lines changed: 14 additions & 7 deletions

File tree

solidity/src/processor/LiteProcessor.sol

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,13 +7,14 @@ import {IProcessorMessageTypes} from "./interfaces/IProcessorMessageTypes.sol";
77
import {IProcessor} from "./interfaces/IProcessor.sol";
88
import {ProcessorErrors} from "./libs/ProcessorErrors.sol";
99
import {ProcessorBase} from "./ProcessorBase.sol";
10+
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
1011

1112
/**
1213
* @title LiteProcessor
1314
* @notice A lightweight processor for handling cross-chain messages with atomic and non-atomic execution
14-
* @dev Implements IMessageRecipient for Hyperlane message handling and ProcessorBase for core shared processor logic
15+
* @dev Implements IMessageRecipient for Hyperlane message handling, ProcessorBase for core shared processor logic and ReentrancyGuard to prevent re-entrancy attacks.
1516
*/
16-
contract LiteProcessor is IMessageRecipient, ProcessorBase {
17+
contract LiteProcessor is IMessageRecipient, ProcessorBase, ReentrancyGuard {
1718
// ============ Constructor ============
1819
/**
1920
* @notice Initializes the LiteProcessor contract
@@ -64,7 +65,7 @@ contract LiteProcessor is IMessageRecipient, ProcessorBase {
6465
* @notice Handles incoming messages from an authorized addresses
6566
* @param _body The message payload
6667
*/
67-
function execute(bytes calldata _body) external override {
68+
function execute(bytes calldata _body) external override nonReentrant {
6869
// Verify sender is authorized address
6970
require(authorizedAddresses[msg.sender], ProcessorErrors.UnauthorizedAccess());
7071

solidity/src/processor/Processor.sol

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,14 @@ import {QueueMap} from "./libs/QueueMap.sol";
66
import {ProcessorBase} from "./ProcessorBase.sol";
77
import {ProcessorErrors} from "./libs/ProcessorErrors.sol";
88
import {ProcessorEvents} from "./libs/ProcessorEvents.sol";
9+
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
910

10-
contract Processor is IMessageRecipient, ProcessorBase {
11+
/**
12+
* @title Processor
13+
* @notice (unimplemented) A full implementation of a Processor.
14+
* @dev Implements IMessageRecipient for Hyperlane message handling, ProcessorBase for core shared processor logic and ReentrancyGuard to prevent re-entrancy attacks.
15+
*/
16+
contract Processor is IMessageRecipient, ProcessorBase, ReentrancyGuard {
1117
// Use the library for the Queue type
1218
using QueueMap for QueueMap.Queue;
1319

@@ -58,7 +64,7 @@ contract Processor is IMessageRecipient, ProcessorBase {
5864
* @notice Handles incoming messages from an authorized addresses
5965
* @param _body The message payload
6066
*/
61-
function execute(bytes calldata _body) external override {
67+
function execute(bytes calldata _body) external override nonReentrant {
6268
// TODO: Implement the execute function
6369
}
6470
}

solidity/src/vaults/OneWayVault.sol

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -389,7 +389,7 @@ contract OneWayVault is
389389
* @param receiver Address to receive the vault shares
390390
* @return shares Amount of shares minted to receiver
391391
*/
392-
function deposit(uint256 assets, address receiver) public override whenNotPaused returns (uint256) {
392+
function deposit(uint256 assets, address receiver) public override whenNotPaused nonReentrant returns (uint256) {
393393
if (_checkAndHandleStaleRate()) {
394394
return 0; // Exit early if vault was just paused
395395
}
@@ -420,7 +420,7 @@ contract OneWayVault is
420420
* @param receiver Address to receive the shares
421421
* @return assets Total amount of assets deposited (including fees)
422422
*/
423-
function mint(uint256 shares, address receiver) public override whenNotPaused returns (uint256) {
423+
function mint(uint256 shares, address receiver) public override whenNotPaused nonReentrant returns (uint256) {
424424
if (_checkAndHandleStaleRate()) {
425425
return 0; // Exit early if vault was just paused
426426
}

0 commit comments

Comments
 (0)