fix(security): mitigate reentrancy in transfer operations by mofejo1 · Pull Request #394 · rinafcode/teachLink_contract

mofejo1 · 2026-04-22T21:20:33Z

Summary

add a shared reentrancy guard utility and module-level lock keys
enforce checks-effects-interactions in transfer-heavy paths across modules
protect transfer flows in:
- contracts/teachlink/src/rewards.rs
- contracts/teachlink/src/bridge.rs
- contracts/teachlink/src/atomic_swap.rs
- contracts/teachlink/src/insurance.rs
add focused unit tests that assert guard-trigger behavior for critical transfer entry points

introduced reentrancy::with_guard(...) wrapper to prevent nested execution on protected code paths
moved state mutation ahead of external token calls in vulnerable flows (CEI)
added explicit reentrancy error variants:
- BridgeError::ReentrancyDetected
- EscrowError::ReentrancyDetected
- RewardsError::ReentrancyDetected

cargo check -p teachlink-contract --lib ✅
full cargo test could not be completed locally due disk exhaustion from this repository’s heavy build graph in current environment

Closes #229

drips-wave · 2026-04-22T21:20:43Z

@mofejo1 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

fix(security): add reentrancy guards and CEI for transfer flows

d4ecba7

style: apply rustfmt for reentrancy patch

1c431a7

ISTIFANUS-N merged commit 3b4fa67 into rinafcode:main Apr 23, 2026
1 check passed