diff --git a/src/WakuRlnV2.sol b/src/WakuRlnV2.sol index 802bd67..d099ab6 100644 --- a/src/WakuRlnV2.sol +++ b/src/WakuRlnV2.sol @@ -7,6 +7,7 @@ import { PoseidonT3 } from "poseidon-solidity/PoseidonT3.sol"; import { OwnableUpgradeable } from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; import { Initializable } from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol"; import { UUPSUpgradeable } from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol"; +import { ReentrancyGuardUpgradeable } from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol"; import { MembershipUpgradeable } from "./Membership.sol"; import { IPriceCalculator } from "./IPriceCalculator.sol"; @@ -20,7 +21,13 @@ error InvalidIdCommitment(uint256 idCommitment); /// Invalid pagination query error InvalidPaginationQuery(uint256 startIndex, uint256 endIndex); -contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, MembershipUpgradeable { +contract WakuRlnV2 is + Initializable, + OwnableUpgradeable, + UUPSUpgradeable, + MembershipUpgradeable, + ReentrancyGuardUpgradeable +{ /// @notice The Field uint256 public constant Q = 21_888_242_871_839_275_222_246_405_745_257_275_088_548_364_400_416_034_343_698_204_186_575_808_495_617; @@ -89,6 +96,7 @@ contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, Member _activeDuration, _gracePeriod ); + __ReentrancyGuard_init(); MAX_MEMBERSHIP_SET_SIZE = uint32(1 << MERKLE_TREE_DEPTH); deployedBlockNumber = uint32(block.number); @@ -164,6 +172,7 @@ contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, Member uint256[] calldata idCommitmentsToErase ) external + nonReentrant onlyValidIdCommitment(idCommitment) noDuplicateMembership(idCommitment) membershipSetNotFull @@ -211,7 +220,7 @@ contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, Member /// @notice Extend a grace-period membership under the same conditions /// @param idCommitments list of idCommitments of memberships to extend - function extendMemberships(uint256[] calldata idCommitments) external { + function extendMemberships(uint256[] calldata idCommitments) external nonReentrant { for (uint256 i = 0; i < idCommitments.length; i++) { _extendMembership(_msgSender(), idCommitments[i]); } @@ -223,7 +232,7 @@ contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, Member /// The holder can then withdraw the deposited tokens. /// @param idCommitments The list of idCommitments of the memberships to erase /// set - function eraseMemberships(uint256[] calldata idCommitments) external { + function eraseMemberships(uint256[] calldata idCommitments) external nonReentrant { _eraseMemberships(idCommitments, false); } @@ -233,7 +242,7 @@ contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, Member /// this function decreases Merkle tree size and spends more gas (if eraseFromMembershipSet == true). /// @param idCommitments The list of idCommitments of the memberships to erase /// @param eraseFromMembershipSet Indicates whether to erase membership data from the membership set - function eraseMemberships(uint256[] calldata idCommitments, bool eraseFromMembershipSet) external { + function eraseMemberships(uint256[] calldata idCommitments, bool eraseFromMembershipSet) external nonReentrant { _eraseMemberships(idCommitments, eraseFromMembershipSet); } @@ -260,7 +269,7 @@ contract WakuRlnV2 is Initializable, OwnableUpgradeable, UUPSUpgradeable, Member /// @notice Withdraw any available deposit balance in tokens after a membership is erased /// @param token The address of the token to withdraw - function withdraw(address token) external { + function withdraw(address token) external nonReentrant { _withdraw(_msgSender(), token); }