When should I use ReentrancyGuard in a smart contract?

Question

I am looking at the ReentrancyGuard smart contract from Open Zeppelin and I don't understand when I have to use it.

Is it necessary in all my smart contracts or do I only have to add it in some particular cases? If the latter is true, what are those cases?

It's complicated, see the discussion I started about this on Twitter. — Paul Razvan Berg, Apr 21 '23 at 07:18

score 0 · Accepted Answer · answered Apr 21 '23 at 07:11

0

The nonReentrant modifier is used on a per function basis and prevents more than one protected function being called at a time.

The most common case is when your function at some point performs an external call or transfer which allows a threat actor to then re-enter your function again without completing it. This is when you would want a nonReentrant modifier.

It is not always required, but definitely something to consider adding to your functions.

answered Apr 21 '23 at 07:11

Sam Calamos

186
2

Can it cause any harm when added and not needed? – Falcon Stakepool Apr 21 '23 at 07:13
It can break your contract's functionality if a protected function tries to call another protected function as that is not allowed, however this can be fixed with a workaround with internal/external functions. It comes down to your design. Also there is the small gas costs to consider as well – Sam Calamos Apr 21 '23 at 07:15

When should I use ReentrancyGuard in a smart contract?

1 Answers1