From 1db4d65da2d431d965eeeb199040b87d0351f5d5 Mon Sep 17 00:00:00 2001 From: Benjamin Bollen Date: Wed, 25 Sep 2024 22:03:04 +0100 Subject: [PATCH] (circles): correct order of check and effect in _claimIssuance to prevent reentrancy attack (patch 01) --- src/circles/Circles.sol | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/circles/Circles.sol b/src/circles/Circles.sol index 45d2c63..dfb84ed 100644 --- a/src/circles/Circles.sol +++ b/src/circles/Circles.sol @@ -138,11 +138,12 @@ contract Circles is ERC1155, ICirclesErrors { // No issuance to claim, simply return without reverting return; } - // mint personal Circles to the human - _mintAndUpdateTotalSupply(_human, toTokenId(_human), issuance, ""); - // update the last mint time + // update the last mint time, before minting as mint time determines the check (guard for reeentrancy attack) mintTimes[_human].lastMintTime = uint96(block.timestamp); + // mint personal Circles to the human; ERC1155 mint will perform acceptance call + _mintAndUpdateTotalSupply(_human, toTokenId(_human), issuance, ""); + emit PersonalMint(_human, issuance, startPeriod, endPeriod); }