diff --git a/docs/Security.md b/docs/Security.md index 621f672be..5a372d6cf 100644 --- a/docs/Security.md +++ b/docs/Security.md @@ -82,10 +82,10 @@ For a list of full implementations utilizing the Pausable library, see: A [reentrancy attack](https://gus-tavo-guim.medium.com/reentrancy-attack-on-smart-contracts-how-to-identify-the-exploitable-and-an-example-of-an-attack-4470a2d8dfe4) occurs when the caller is able to obtain more resources than allowed by recursively calling a target’s function. -Since Cairo does not support modifiers like Solidity, the [`reentrancy_guard`](../src/openzeppelin/security/reentrancy_guard.cairo) library exposes two methods `_start` and `_end` to protect functions against reentrancy attacks. The protected function must call `ReentrancyGuard._start` before the first function statement, and `ReentrancyGuard._end` before the return statement, as shown below: +Since Cairo does not support modifiers like Solidity, the [`reentrancyguard`](../src/openzeppelin/security/reentrancyguard.cairo) library exposes two methods `_start` and `_end` to protect functions against reentrancy attacks. The protected function must call `ReentrancyGuard._start` before the first function statement, and `ReentrancyGuard._end` before the return statement, as shown below: ```cairo -from openzeppelin.security.reentrancy_guard import ReentrancyGuard +from openzeppelin.security.reentrancyguard import ReentrancyGuard func test_function{ syscall_ptr : felt*, diff --git a/src/openzeppelin/access/ownable.cairo b/src/openzeppelin/access/ownable.cairo index ccdf7780a..ee32f3d8a 100644 --- a/src/openzeppelin/access/ownable.cairo +++ b/src/openzeppelin/access/ownable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (access/ownable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (access/ownable.cairo) %lang starknet diff --git a/src/openzeppelin/account/Account.cairo b/src/openzeppelin/account/Account.cairo index 56f85d818..3b08dca92 100644 --- a/src/openzeppelin/account/Account.cairo +++ b/src/openzeppelin/account/Account.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (account/Account.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (account/Account.cairo) %lang starknet diff --git a/src/openzeppelin/account/AddressRegistry.cairo b/src/openzeppelin/account/AddressRegistry.cairo index 7be07179b..5ec8c5d0f 100644 --- a/src/openzeppelin/account/AddressRegistry.cairo +++ b/src/openzeppelin/account/AddressRegistry.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (account/AddressRegistry.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (account/AddressRegistry.cairo) %lang starknet diff --git a/src/openzeppelin/account/EthAccount.cairo b/src/openzeppelin/account/EthAccount.cairo index 87ec6f87c..3e2e8c9d6 100644 --- a/src/openzeppelin/account/EthAccount.cairo +++ b/src/openzeppelin/account/EthAccount.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (account/EthAccount.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (account/EthAccount.cairo) %lang starknet from starkware.cairo.common.cairo_builtins import HashBuiltin, SignatureBuiltin, BitwiseBuiltin diff --git a/src/openzeppelin/account/IAccount.cairo b/src/openzeppelin/account/IAccount.cairo index e02457d43..94a7f1027 100644 --- a/src/openzeppelin/account/IAccount.cairo +++ b/src/openzeppelin/account/IAccount.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (account/IAccount.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (account/IAccount.cairo) %lang starknet diff --git a/src/openzeppelin/account/library.cairo b/src/openzeppelin/account/library.cairo index 3ae289a51..4314f14ce 100644 --- a/src/openzeppelin/account/library.cairo +++ b/src/openzeppelin/account/library.cairo @@ -1,3 +1,6 @@ +# SPDX-License-Identifier: MIT +# OpenZeppelin Contracts for Cairo v0.2.0 (account/library.cairo) + %lang starknet from starkware.cairo.common.registers import get_fp_and_pc diff --git a/src/openzeppelin/introspection/ERC165.cairo b/src/openzeppelin/introspection/ERC165.cairo index 0dc732d18..ecf519b0b 100644 --- a/src/openzeppelin/introspection/ERC165.cairo +++ b/src/openzeppelin/introspection/ERC165.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (introspection/ERC165.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (introspection/ERC165.cairo) %lang starknet diff --git a/src/openzeppelin/introspection/IERC165.cairo b/src/openzeppelin/introspection/IERC165.cairo index ac829967a..f68d76a5e 100644 --- a/src/openzeppelin/introspection/IERC165.cairo +++ b/src/openzeppelin/introspection/IERC165.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (introspection/IERC165.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (introspection/IERC165.cairo) %lang starknet diff --git a/src/openzeppelin/security/initializable.cairo b/src/openzeppelin/security/initializable.cairo index 7d2d14a91..083610ad2 100644 --- a/src/openzeppelin/security/initializable.cairo +++ b/src/openzeppelin/security/initializable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (security/initializable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (security/initializable.cairo) %lang starknet diff --git a/src/openzeppelin/security/pausable.cairo b/src/openzeppelin/security/pausable.cairo index 9a6745d1d..154e1e4fc 100644 --- a/src/openzeppelin/security/pausable.cairo +++ b/src/openzeppelin/security/pausable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (security/pausable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (security/pausable.cairo) %lang starknet diff --git a/src/openzeppelin/security/reentrancy_guard.cairo b/src/openzeppelin/security/reentrancyguard.cairo similarity index 91% rename from src/openzeppelin/security/reentrancy_guard.cairo rename to src/openzeppelin/security/reentrancyguard.cairo index f95d5e21f..76be091a0 100644 --- a/src/openzeppelin/security/reentrancy_guard.cairo +++ b/src/openzeppelin/security/reentrancyguard.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Cairo Contracts v0.1.0 (security/reentrancyguard.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (security/reentrancyguard.cairo) %lang starknet diff --git a/src/openzeppelin/security/safemath.cairo b/src/openzeppelin/security/safemath.cairo index cd26f02d5..df20f0f49 100644 --- a/src/openzeppelin/security/safemath.cairo +++ b/src/openzeppelin/security/safemath.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (security/safemath.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (security/safemath.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc20/ERC20.cairo b/src/openzeppelin/token/erc20/ERC20.cairo index 24f242f1c..ebfda8991 100644 --- a/src/openzeppelin/token/erc20/ERC20.cairo +++ b/src/openzeppelin/token/erc20/ERC20.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc20/ERC20.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc20/ERC20.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc20/ERC20_Mintable.cairo b/src/openzeppelin/token/erc20/ERC20_Mintable.cairo index 775a4d39a..f11c9afb6 100644 --- a/src/openzeppelin/token/erc20/ERC20_Mintable.cairo +++ b/src/openzeppelin/token/erc20/ERC20_Mintable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc20/ERC20_Mintable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc20/ERC20_Mintable.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc20/ERC20_Pausable.cairo b/src/openzeppelin/token/erc20/ERC20_Pausable.cairo index 32c45b39b..f44db312d 100644 --- a/src/openzeppelin/token/erc20/ERC20_Pausable.cairo +++ b/src/openzeppelin/token/erc20/ERC20_Pausable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc20/ERC20_Pausable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc20/ERC20_Pausable.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc20/ERC20_Upgradeable.cairo b/src/openzeppelin/token/erc20/ERC20_Upgradeable.cairo index 481c32f89..891e633a9 100644 --- a/src/openzeppelin/token/erc20/ERC20_Upgradeable.cairo +++ b/src/openzeppelin/token/erc20/ERC20_Upgradeable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc20/ERC20_Upgradeable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc20/ERC20_Upgradeable.cairo) %lang starknet %builtins pedersen range_check diff --git a/src/openzeppelin/token/erc20/interfaces/IERC20.cairo b/src/openzeppelin/token/erc20/interfaces/IERC20.cairo index 1c7fd6666..c2c7bb9b9 100644 --- a/src/openzeppelin/token/erc20/interfaces/IERC20.cairo +++ b/src/openzeppelin/token/erc20/interfaces/IERC20.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc20/interfaces/IERC20.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc20/interfaces/IERC20.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc20/library.cairo b/src/openzeppelin/token/erc20/library.cairo index bd0ddbd7c..a096c1188 100644 --- a/src/openzeppelin/token/erc20/library.cairo +++ b/src/openzeppelin/token/erc20/library.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc20/library.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc20/library.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/ERC721_Mintable_Burnable.cairo b/src/openzeppelin/token/erc721/ERC721_Mintable_Burnable.cairo index 9e12d0187..63583cac1 100644 --- a/src/openzeppelin/token/erc721/ERC721_Mintable_Burnable.cairo +++ b/src/openzeppelin/token/erc721/ERC721_Mintable_Burnable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/ERC721_Mintable_Burnable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/ERC721_Mintable_Burnable.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/ERC721_Mintable_Pausable.cairo b/src/openzeppelin/token/erc721/ERC721_Mintable_Pausable.cairo index 2e6023d46..402d98cb5 100644 --- a/src/openzeppelin/token/erc721/ERC721_Mintable_Pausable.cairo +++ b/src/openzeppelin/token/erc721/ERC721_Mintable_Pausable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/ERC721_Mintable_Pausable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/ERC721_Mintable_Pausable.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/interfaces/IERC721.cairo b/src/openzeppelin/token/erc721/interfaces/IERC721.cairo index 35e71f965..f4105da6c 100644 --- a/src/openzeppelin/token/erc721/interfaces/IERC721.cairo +++ b/src/openzeppelin/token/erc721/interfaces/IERC721.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/interfaces/IERC721.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/interfaces/IERC721.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/interfaces/IERC721_Metadata.cairo b/src/openzeppelin/token/erc721/interfaces/IERC721_Metadata.cairo index 6f010dfde..1a00556b1 100644 --- a/src/openzeppelin/token/erc721/interfaces/IERC721_Metadata.cairo +++ b/src/openzeppelin/token/erc721/interfaces/IERC721_Metadata.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/interfaces/IERC721_Metadata.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/interfaces/IERC721_Metadata.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/interfaces/IERC721_Receiver.cairo b/src/openzeppelin/token/erc721/interfaces/IERC721_Receiver.cairo index a2e92b9db..f73f51dcb 100644 --- a/src/openzeppelin/token/erc721/interfaces/IERC721_Receiver.cairo +++ b/src/openzeppelin/token/erc721/interfaces/IERC721_Receiver.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/interfaces/IERC721_Receiver.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/interfaces/IERC721_Receiver.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/library.cairo b/src/openzeppelin/token/erc721/library.cairo index f36b3a92a..74d9105d1 100644 --- a/src/openzeppelin/token/erc721/library.cairo +++ b/src/openzeppelin/token/erc721/library.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/library.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/library.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721/utils/ERC721_Holder.cairo b/src/openzeppelin/token/erc721/utils/ERC721_Holder.cairo index 845a0a910..d173c992c 100644 --- a/src/openzeppelin/token/erc721/utils/ERC721_Holder.cairo +++ b/src/openzeppelin/token/erc721/utils/ERC721_Holder.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721/utils/ERC721_Holder.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721/utils/ERC721_Holder.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721_enumerable/ERC721_Enumerable_Mintable_Burnable.cairo b/src/openzeppelin/token/erc721_enumerable/ERC721_Enumerable_Mintable_Burnable.cairo index d63e47539..d0ac134c7 100644 --- a/src/openzeppelin/token/erc721_enumerable/ERC721_Enumerable_Mintable_Burnable.cairo +++ b/src/openzeppelin/token/erc721_enumerable/ERC721_Enumerable_Mintable_Burnable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721_enumerable/ERC721_Enumerable_Mintable_Burnable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721_enumerable/ERC721_Enumerable_Mintable_Burnable.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721_enumerable/interfaces/IERC721_Enumerable.cairo b/src/openzeppelin/token/erc721_enumerable/interfaces/IERC721_Enumerable.cairo index 3d3f0ebb7..b3727f7fa 100644 --- a/src/openzeppelin/token/erc721_enumerable/interfaces/IERC721_Enumerable.cairo +++ b/src/openzeppelin/token/erc721_enumerable/interfaces/IERC721_Enumerable.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721_enumerable/interfaces/IERC721_Enumerable.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721_enumerable/interfaces/IERC721_Enumerable.cairo) %lang starknet diff --git a/src/openzeppelin/token/erc721_enumerable/library.cairo b/src/openzeppelin/token/erc721_enumerable/library.cairo index 879065617..c42c30666 100644 --- a/src/openzeppelin/token/erc721_enumerable/library.cairo +++ b/src/openzeppelin/token/erc721_enumerable/library.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (token/erc721_enumerable/library.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (token/erc721_enumerable/library.cairo) %lang starknet diff --git a/src/openzeppelin/utils/constants.cairo b/src/openzeppelin/utils/constants.cairo index 5a93bb405..d9fed7d45 100644 --- a/src/openzeppelin/utils/constants.cairo +++ b/src/openzeppelin/utils/constants.cairo @@ -1,5 +1,5 @@ # SPDX-License-Identifier: MIT -# OpenZeppelin Contracts for Cairo v0.1.0 (utils/constants.cairo) +# OpenZeppelin Contracts for Cairo v0.2.0 (utils/constants.cairo) %lang starknet diff --git a/tests/mocks/reentrancy_mock.cairo b/tests/mocks/reentrancy_mock.cairo index 60c69e621..8aa7fc2fd 100644 --- a/tests/mocks/reentrancy_mock.cairo +++ b/tests/mocks/reentrancy_mock.cairo @@ -7,7 +7,7 @@ from starkware.cairo.common.math_cmp import is_le from starkware.cairo.common.bool import TRUE from starkware.starknet.common.syscalls import get_contract_address -from openzeppelin.security.reentrancy_guard import ReentrancyGuard +from openzeppelin.security.reentrancyguard import ReentrancyGuard @contract_interface namespace IReentrancyGuardAttacker: diff --git a/tests/security/test_reentrancy.py b/tests/security/test_reentrancy.py index 292c523ec..c26ec471a 100644 --- a/tests/security/test_reentrancy.py +++ b/tests/security/test_reentrancy.py @@ -6,6 +6,7 @@ INITIAL_COUNTER = 0 + @pytest.fixture(scope='module') async def reentrancy_mock(): starknet = await Starknet.empty() @@ -16,6 +17,7 @@ async def reentrancy_mock(): return contract, starknet + @pytest.mark.asyncio async def test_reentrancy_guard_deploy(reentrancy_mock): contract, _ = reentrancy_mock @@ -23,6 +25,7 @@ async def test_reentrancy_guard_deploy(reentrancy_mock): assert response.result == (INITIAL_COUNTER,) + @pytest.mark.asyncio async def test_reentrancy_guard_remote_callback(reentrancy_mock): contract, starknet = reentrancy_mock @@ -33,6 +36,7 @@ async def test_reentrancy_guard_remote_callback(reentrancy_mock): reverted_with="ReentrancyGuard: reentrant call" ) + @pytest.mark.asyncio async def test_reentrancy_guard_local_recursion(reentrancy_mock): contract, _ = reentrancy_mock @@ -47,6 +51,7 @@ async def test_reentrancy_guard_local_recursion(reentrancy_mock): reverted_with="ReentrancyGuard: reentrant call" ) + @pytest.mark.asyncio async def test_reentrancy_guard(reentrancy_mock): contract, _ = reentrancy_mock