-
Notifications
You must be signed in to change notification settings - Fork 11.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix ReentrancyGuard for Proxy Pattern #2171
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this suggestion!
First of all we want to make clear that this library is not intended for use behind proxies, because it has constructors and we make use of storage in ways that don't work with proxies, and also because we make changes that can result in storage incompatibilities and corrupted upgrades. For use with proxies and upgrades, we maintain the separate @openzeppelin/contracts-ethereum-package
where we do take all of these precautions.
That said, this PR is interesting because of the improvement in gas costs. I ran some tests and indeed this implementation is significantly cheaper (by ~1800 gas). As you mentioned, the improvement comes from using uint256
instead of bool
. Not only because the value isn't masked when read from storage, but also because when booleans are written to storage the entire slot is first read from storage again in order to modify only the relevant bytes. 🤯
It's a sad state of affairs that using the right tools provided by the language, |
@BrendanChou Let us know if you want to work on this or if we should take over. |
@frangio go ahead and take it over. I'm less familiar with the standards you all have for code quality and linting |
Hi all! |
Not stale, we'll pick this up soon. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
…ReentrancyGuard is released to prod OpenZeppelin/openzeppelin-contracts#2171.
Allows the ReentrancyGuard to be used in contracts that are proxied. Fixes two problems:
In both cases, the "corrupted" value of the
_notEntered
slot (zero in the case of new contracts, non-zero in the case of existing contracts) is now fixed in the first call to anynonReentrant
function, making it backwards-compatible with any previous version ofReentrancyGuard
Another added benefit is that this should decrease the gas costs of this function as
uint256
values use the entire value of the slot and thus do not have to be checked by bytecode that the storage slot is returning a valid boolean value upon eachSLOAD
orSSTORE
I invite anyone to take-on and clean-up this PR as necessary