
[contracts] Add flash-loan contract with reentrancy guard example #1029

Description

@CelestinaBeing

Context

contracts/flashloan-token/ exists. Complete it with a reentrancy guard implementation and demonstrate both vulnerable and protected patterns.

Work

  • Add flash_loan_unsafe(amount, callback_contract) without reentrancy protection (triggers S-reentrancy)
  • Add flash_loan_safe(amount, callback_contract) using the Reentrancy Guard
  • Add a mock callback contract for tests
  • Demonstrate the attack in tests: malicious callback re-enters and drains
  • Show sanctifier analyze catching the vulnerability

Acceptance criteria

  • Attack contract successfully drains flash_loan_unsafe in test
  • flash_loan_safe is not drainable
  • sanctifier analyze finding count: 0 on safe, ≥1 on unsafe
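
An added illustration of the two patterns named above, not code from this repository: a plain-Rust model (no contract SDK) in which a callback re-enters the pool during the loan, and a lock flag rejects that re-entry. Every name except flash_loan_unsafe and flash_loan_safe is hypothetical, and the state snapshot stands in for a transaction revert.

```rust
// Added example: plain-Rust model of the pool, no contract SDK. Names other
// than flash_loan_unsafe / flash_loan_safe are hypothetical.
use std::collections::HashMap;
type Res = Result<(), &'static str>;

#[derive(Clone, Default)]
pub struct Pool { liquidity: i128, credit: HashMap<&'static str, i128>, locked: bool }
pub trait Callback { fn on_loan(&mut self, pool: &mut Pool, amount: i128) -> Res; }

impl Pool {
    pub fn deposit(&mut self, who: &'static str, amount: i128) -> Res {
        if self.locked { return Err("reentrant call"); } // guard covers state-changing entry points
        self.liquidity += amount;
        *self.credit.entry(who).or_insert(0) += amount;
        Ok(())
    }
    pub fn withdraw(&mut self, who: &'static str) -> i128 {
        let owed = self.credit.remove(who).unwrap_or(0);
        self.liquidity -= owed;
        owed
    }
    fn lend(&mut self, amount: i128, cb: &mut dyn Callback, guard: bool) -> Res {
        if self.locked { return Err("reentrant call"); }
        let snapshot = self.clone(); // models transaction revert on failure
        let before = self.liquidity;
        self.locked = guard; // the unsafe variant never takes the lock
        self.liquidity -= amount; // funds handed to the borrower
        let mut r = cb.on_loan(self, amount);
        if r.is_ok() && self.liquidity < before { r = Err("loan not repaid"); }
        if r.is_err() { *self = snapshot; }
        self.locked = false;
        r
    }
    pub fn flash_loan_unsafe(&mut self, amount: i128, cb: &mut dyn Callback) -> Res { self.lend(amount, cb, false) }
    pub fn flash_loan_safe(&mut self, amount: i128, cb: &mut dyn Callback) -> Res { self.lend(amount, cb, true) }
}

pub struct Reenter; // mock callback: calls back into the pool instead of repaying
impl Callback for Reenter {
    fn on_loan(&mut self, pool: &mut Pool, amount: i128) -> Res { pool.deposit("borrower", amount) }
}

// Returns (loan succeeded, pool liquidity after the borrower withdraws its credit).
pub fn run(safe: bool) -> (bool, i128) {
    let mut pool = Pool::default();
    pool.deposit("lp", 1_000).unwrap();
    let r = if safe { pool.flash_loan_safe(1_000, &mut Reenter) } else { pool.flash_loan_unsafe(1_000, &mut Reenter) };
    pool.withdraw("borrower");
    (r.is_ok(), pool.liquidity)
}
fn main() { println!("unsafe: {:?}, safe: {:?}", run(false), run(true)); }
```

The balance check alone passes in the unsafe path because the re-entrant deposit restores liquidity while also recording a credit; the guard has to cover deposit as well as the loan function for the safe path to hold.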
