Open
Labels: ETA - less than 12 hrs, enhancement, good first issue, help wanted, smart-contract
Description:
Add reentrancy guards and other security hardening (e.g., checks-effects-interactions, overflow checks) to all entrypoints that perform external calls (e.g., token transfer).
Requirements and Context:
- Must be secure, tested, and documented
- Should use Soroban-approved pattern for reentrancy (e.g., guard flag or ledger-based lock)
- Should protect place_bet, payouts, refunds, claim, fee withdrawal
- Should document and test attack vectors (reentrant call mid-payout)
- Should ensure no overflow in arithmetic (use checked ops)
- Must not break existing behavior
Suggested Execution:
- Fork the repo and create a branch
    git checkout -b feature/reentrancy-guards
- Implement changes
  - Write contract: add guard to relevant functions
  - Add reentrancy_guard module: src/reentrancy_guard.rs
  - Update all entrypoints that do external calls
  - Add documentation and NatSpec-style comments
- Test and commit
  - Run tests; add dedicated reentrancy attempt tests
  - Include test output and security notes
Example Commit Message:
feat: implement reentrancy guards and security hardening
Guidelines:
- Minimum 95 percent test coverage
- Clear documentation
- Timeframe: 72 hours
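
The guard-flag pattern, checks-effects-interactions ordering and checked arithmetic requested above, modelled together with a reentrant call mid-payout. This is an added example, not part of the original issue or the project's code. It assumes plain Rust without the Soroban SDK, and `Pool`, `claim`, `Guard` and the `transfer` callback are hypothetical names.

```rust
// Added example: plain-Rust model of the pattern, not Soroban SDK code.
// `Pool`, `claim` and the `transfer` callback are hypothetical names.
use std::cell::{Cell, RefCell};
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
pub enum Error { Reentrant, NothingToClaim, Overflow }

pub struct Pool {
    locked: Cell<bool>,                // guard flag (contract storage in a real contract)
    owed: RefCell<HashMap<u32, i128>>, // user id -> claimable amount
    paid_out: Cell<i128>,              // running total of payouts
}

// RAII guard: the flag is cleared on every exit path, including `?` returns.
struct Guard<'a>(&'a Cell<bool>);
impl<'a> Guard<'a> {
    fn enter(flag: &'a Cell<bool>) -> Result<Self, Error> {
        if flag.replace(true) { return Err(Error::Reentrant); } // already inside
        Ok(Guard(flag))
    }
}
impl Drop for Guard<'_> { fn drop(&mut self) { self.0.set(false); } }

impl Pool {
    pub fn new(owed: &[(u32, i128)]) -> Self {
        Pool { locked: Cell::new(false), owed: RefCell::new(owed.iter().copied().collect()), paid_out: Cell::new(0) }
    }
    // `transfer` stands in for the external token call and may call back into the pool.
    pub fn claim(&self, user: u32, transfer: &dyn Fn(&Pool, i128)) -> Result<i128, Error> {
        let _guard = Guard::enter(&self.locked)?;
        // Checks
        let amount = self.owed.borrow().get(&user).copied().filter(|a| *a > 0).ok_or(Error::NothingToClaim)?;
        let total = self.paid_out.get().checked_add(amount).ok_or(Error::Overflow)?;
        // Effects: state is final before any external code runs
        self.owed.borrow_mut().insert(user, 0);
        self.paid_out.set(total);
        // Interaction
        transfer(self, amount);
        Ok(amount)
    }
}

// Constructed scenario: the token callback tries to claim again mid-payout.
pub fn reentrant_attempt() -> (Result<i128, Error>, Option<Error>, i128) {
    let pool = Pool::new(&[(1, 100)]);
    let inner = Cell::new(None);
    let outer = pool.claim(1, &|p: &Pool, _amt: i128| inner.set(p.claim(1, &|_: &Pool, _: i128| {}).err()));
    (outer, inner.take(), pool.paid_out.get())
}

fn main() { println!("{:?}", reentrant_attempt()); }
```

The nested call is rejected by the flag before it reads any state, and because the balance is zeroed before the transfer, it would find nothing to claim even if the guard were absent.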