Michael.W基于Foundry精读Openzeppelin第57期——ReentrancyGuard.sol

  • Michael.W
  • 更新于 2024-06-12 09:33
  • 阅读 1186

ReentrancyGuard库是一个用来防御函数重入的工具库。函数被修饰器nonReentrant修饰可确保其无法被嵌套(重入)调用。本库的代码逻辑上只实现了一个重入锁,所以被nonReentrant修饰的函数之间也是无法相互调用的。

0. 版本

[openzeppelin]:v4.8.3,[forge-std]:v1.5.6

0.1 ReentrancyGuard.sol

Github: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v4.8.3/contracts/security/ReentrancyGuard.sol

ReentrancyGuard库是一个用来防御函数重入的工具库。函数被修饰器nonReentrant修饰可确保其无法被嵌套(重入)调用。本库的代码逻辑上只实现了一个重入锁,所以被nonReentrant修饰的函数之间也是无法相互调用的。

1. 目标合约

继承ReentrancyGuard合约:

Github: https://github.com/RevelationOfTuring/foundry-openzeppelin-contracts/blob/master/src/security/MockReentrancyGuard.sol

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.0;

import "openzeppelin-contracts/contracts/security/ReentrancyGuard.sol";

contract MockReentrancyGuard is ReentrancyGuard {
    uint public counter;

    function addWithoutNonReentrant() external {
        _add();
    }

    function callWithoutNonReentrant(address target, bytes calldata calldata_) external {
        _call(target, calldata_);
    }

    function addWithNonReentrant() external nonReentrant {
        _add();
    }

    function callWithNonReentrant(address target, bytes calldata calldata_) external nonReentrant {
        _call(target, calldata_);
    }

    function _call(address target, bytes calldata calldata_) private {
        (bool ok, bytes memory returnData) = target.call(calldata_);
        require(ok, string(returnData));
        counter += 10;
    }

    function _add() private {
        ++counter;
    }
}

全部foundry测试合约:

Github: https://github.com/RevelationOfTuring/foundry-openzeppelin-contracts/blob/master/test/security/ReentrancyGuard/ReentrancyGuard.t.sol

测试使用的物料合约:

Github: https://github.com/RevelationOfTuring/foundry-openzeppelin-contracts/blob/master/test/security/ReentrancyGuard/Reentrant.sol

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.0;

contract Reentrant {
    address private target;

    constructor(address targetAddress){
        target = targetAddress;
    }

    function callback(bytes calldata calldata_) external {
        (bool ok, bytes memory returnData) = target.call(calldata_);
        if (!ok) {
            // pull the revert msg out of the return data of the call
            uint len = returnData.length;
            if (len > 4 && bytes4(returnData) == bytes4(keccak256(bytes("Error(string)")))) {
                // get returnData[4:] in memory bytes
                bytes memory encodedRevertMsg = new bytes(len - 4);
                for (uint i = 4; i < len; ++i) {
                    encodedRevertMsg[i - 4] = returnData[i];
                }
                revert(abi.decode(encodedRevertMsg, (string)));
            } else {
                revert();
            }
        }
    }
}

2. 代码精读

2.1 constructor()

    // 常量标识,标志着合约方法"未被进入"的状态
    uint256 private constant _NOT_ENTERED = 1;
    // 常量标识,标志着合约方法"已被进入"的状态
    uint256 private constant _ENTERED = 2;

    // 标识合约被进入状态的全局变量
    // 注:该处使用uint256类型而不是bool的原因见下
    uint256 private _status;

    // 初始化函数
    constructor() {
        // 将合约状态设置为"未被进入"
        _status = _NOT_ENTERED;
    }

为什么_status不选择bool类型而使用uint256类型?

答:更新bool类型的gas消耗要比uint256或者其他占满一个word(32字节)的类型都贵。每一个写操作都会携带额外的SLOAD读出slot中的值,接着更新其中bool类型对应的bit,最后才进行slot的回写。这是编译器对合约升级和指针混叠的一种防御措施,无法禁用。

尽管将具有flag属性的状态变量设定为非0值会使得合约部署费用增高,但却可以减少每次调用被nonReentrant修饰方法的gas消耗。

2.2 modifier nonReentrant()

用于防重入的修饰器,防止合约方法直接或间接调用自身。

注:合约内两个被该修饰器修饰的方法无法进行相互调用。可通过将各自逻辑封装成private函数,并用nonReentrant修饰的external函数封装以上private函数来解决部分需求。

    modifier nonReentrant() {
        // 进入方法前的准备工作
        _nonReentrantBefore();
        _;
        // 执行完整个方法后的收尾工作
        _nonReentrantAfter();
    }

    // 进入方法前的准备工作
    function _nonReentrantBefore() private {
        // 要求进入函数前合约标识状态为"未进入",即之前没有与本合约中被nonReentrant修饰的方法交互过
        // 注:此处的检查会将产生重入的调用revert
        require(_status != _ENTERED, "ReentrancyGuard: reentrant call");

        // 将合约标识状态更改为"已进入"
        _status = _ENTERED;
    }

    // 执行完整个方法后的收尾工作
    function _nonReentrantAfter() private {
        // 将合约标识状态更改回"未进入"。由于合约标识状态最后又改回了前值,
        // 即本次方法调用的结果并没有导致该slot的值发生变化,此处将触发gas的返还。
        // 具体细节参见:https://eips.ethereum.org/EIPS/eip-2200
        _status = _NOT_ENTERED;
    }

foundry代码验证:

contract ReentrancyGuardTest is Test {
    MockReentrancyGuard private _testing = new MockReentrancyGuard();
    Reentrant private _reentrant = new Reentrant(address(_testing));

    function test_LocalCall() external {
        // A and B are both local external methods in one contract

        // case 1: A without nonReentrant -> B without nonReentrant
        // [PASS]
        // call {addWithoutNonReentrant} in {callWithoutNonReentrant}
        assertEq(_testing.counter(), 0);
        bytes memory calldata_ = abi.encodeCall(_testing.addWithoutNonReentrant, ());
        _testing.callWithoutNonReentrant(address(_testing), calldata_);
        uint counterValue = _testing.counter();
        assertEq(counterValue, 1 + 10);

        // case 2: A without nonReentrant -> B with nonReentrant
        // [PASS]
        // call {addWithNonReentrant} in {callWithoutNonReentrant}
        calldata_ = abi.encodeCall(_testing.addWithNonReentrant, ());
        _testing.callWithoutNonReentrant(address(_testing), calldata_);
        assertEq(_testing.counter(), counterValue + 1 + 10);
        counterValue = _testing.counter();

        // case 3: A with nonReentrant -> B without nonReentrant
        // [PASS]
        // call {addWithoutNonReentrant} in {callWithNonReentrant}
        calldata_ = abi.encodeCall(_testing.addWithoutNonReentrant, ());
        _testing.callWithNonReentrant(address(_testing), calldata_);
        assertEq(_testing.counter(), counterValue + 1 + 10);

        // case 4: A with nonReentrant -> B with nonReentrant
        // [REVERT]
        // call {addWithNonReentrant} in {callWithNonReentrant}
        calldata_ = abi.encodeCall(_testing.addWithNonReentrant, ());
        // the provided string in `require(bool,string)` is abi-encoded as if it was a call to a function `Error(string)`
        bytes memory encodedRevertMsg = abi.encodeWithSignature("Error(string)", "ReentrancyGuard: reentrant call");
        vm.expectRevert(encodedRevertMsg);
        _testing.callWithNonReentrant(address(_testing), calldata_);
    }

    function test_ExternalCall() external {
        // A and B are both local external methods in one contract
        // C is an external method in another contract

        // case 1: A without nonReentrant -> B -> C without nonReentrant
        // [PASS]
        // {callWithoutNonReentrant} -> {Reentrant.callback} -> {addWithoutNonReentrant}
        assertEq(_testing.counter(), 0);
        bytes memory calldata_ = abi.encodeCall(
            _reentrant.callback,
            (
                abi.encodeCall(_testing.addWithoutNonReentrant, ())
            )
        );
        _testing.callWithoutNonReentrant(address(_reentrant), calldata_);
        uint counterValue = _testing.counter();
        assertEq(counterValue, 1 + 10);

        // case 2: A without nonReentrant -> B -> C with nonReentrant
        // [PASS]
        // {callWithoutNonReentrant} -> {Reentrant.callback} -> {addWithNonReentrant}
        calldata_ = abi.encodeCall(
            _reentrant.callback,
            (
                abi.encodeCall(_testing.addWithNonReentrant, ())
            )
        );
        _testing.callWithoutNonReentrant(address(_reentrant), calldata_);
        assertEq(_testing.counter(), counterValue + 1 + 10);
        counterValue = _testing.counter();

        // case 3: A with nonReentrant -> B -> C without nonReentrant
        // [PASS]
        // {callWithNonReentrant} -> {Reentrant.callback} -> {addWithoutNonReentrant}
        calldata_ = abi.encodeCall(
            _reentrant.callback,
            (
                abi.encodeCall(_testing.addWithoutNonReentrant, ())
            )
        );
        _testing.callWithNonReentrant(address(_reentrant), calldata_);
        assertEq(_testing.counter(), counterValue + 1 + 10);

        // case 4: A with nonReentrant -> B -> C with nonReentrant
        // [REVERT]
        // {callWithNonReentrant} -> {Reentrant.callback} -> {addWithNonReentrant}
        calldata_ = abi.encodeCall(
            _reentrant.callback,
            (
                abi.encodeCall(_testing.addWithNonReentrant, ())
            )
        );
        // the provided string in `require(bool,string)` is abi-encoded as if it was a call to a function `Error(string)`
        bytes memory encodedRevertMsg = abi.encodeWithSignature("Error(string)", "ReentrancyGuard: reentrant call");
        vm.expectRevert(encodedRevertMsg);
        _testing.callWithNonReentrant(address(_reentrant), calldata_);
    }
}

ps: 本人热爱图灵,热爱中本聪,热爱V神。 以下是我个人的公众号,如果有技术问题可以关注我的公众号来跟我交流。 同时我也会在这个公众号上每周更新我的原创文章,喜欢的小伙伴或者老伙计可以支持一下! 如果需要转发,麻烦注明作者。十分感谢!

1.jpeg

公众号名称:后现代泼痞浪漫主义奠基人

点赞 0
收藏 0
分享
本文参与登链社区写作激励计划 ,好文好收益,欢迎正在阅读的你也加入。

0 条评论

请先 登录 后评论
Michael.W
Michael.W
0x93E7...0000
狂热的区块链爱好者