From 9f3a0df63105841a9ea0105cc21e06a52c6695d4 Mon Sep 17 00:00:00 2001
From: Benjamin Bollen
Date: Wed, 25 Sep 2024 21:51:54 +0100
Subject: [PATCH 1/2] (hub): non-Reentrant modifier had unused error code; remove
---
 src/hub/Hub.sol | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/hub/Hub.sol b/src/hub/Hub.sol
index b99a4a9..431a3ef 100644
--- a/src/hub/Hub.sol
+++ b/src/hub/Hub.sol
@@ -143,7 +143,7 @@ contract Hub is Circles, TypeDefinitions, IHubErrors {
 * @dev Reentrancy guard for nonReentrant functions.
 * see https://soliditylang.org/blog/2024/01/26/transient-storage/
 */
- modifier nonReentrant(uint8 _code) {
+ modifier nonReentrant() {
 assembly {
 if tload(0) { revert(0, 0) }
 tstore(0, 1)
@@ -543,7 +543,7 @@ contract Hub is Circles, TypeDefinitions, IHubErrors {
 FlowEdge[] calldata _flow,
 Stream[] calldata _streams,
 bytes calldata _packedCoordinates
- ) external nonReentrant(0) {
+ ) external nonReentrant {
 // first unpack the coordinates to array of uint16
 uint16[] memory coordinates = _unpackCoordinates(_packedCoordinates, _flow.length);
From 1db4d65da2d431d965eeeb199040b87d0351f5d5 Mon Sep 17 00:00:00 2001
From: Benjamin Bollen
Date: Wed, 25 Sep 2024 22:03:04 +0100
Subject: [PATCH 2/2] (circles): correct order of check and effect in _claimIssuance to prevent reentrancy attack (patch 01)
---
 src/circles/Circles.sol | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/circles/Circles.sol b/src/circles/Circles.sol
index 45d2c63..dfb84ed 100644
--- a/src/circles/Circles.sol
+++ b/src/circles/Circles.sol
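Review bot: In the first src/hub/Hub.sol hunk the guard still fails with `revert(0, 0)`, so a blocked re-entrant call returns empty revert data and cannot be told apart from other data-less reverts in traces or monitoring. Hub already inherits IHubErrors, so reverting with a named custom error at that point would make the cause visible; which error fits is not visible from this hunk. The doc comment could also state that the lock lives in transient storage slot 0, for example `* @dev Uses transient storage slot 0 as the lock; no other code may tstore to slot 0.` The modifier body continues past the hunk, so the reset of the slot is not visible here.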
@@ -138,11 +138,12 @@ contract Circles is ERC1155, ICirclesErrors {
 // No issuance to claim, simply return without reverting
 return;
 }
- // mint personal Circles to the human
- _mintAndUpdateTotalSupply(_human, toTokenId(_human), issuance, "");
- // update the last mint time
+ // update the last mint time, before minting as mint time determines the check (guard for reeentrancy attack)
 mintTimes[_human].lastMintTime = uint96(block.timestamp);
+ // mint personal Circles to the human; ERC1155 mint will perform acceptance call
+ _mintAndUpdateTotalSupply(_human, toTokenId(_human), issuance, "");
+
 emit PersonalMint(_human, issuance, startPeriod, endPeriod);
 }
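Review bot: The reordering in `_claimIssuance` is not pinned by a regression test, since this patch touches only src/circles/Circles.sol; a test whose receiver calls back into the claim path from its ERC1155 acceptance hook and asserts that nothing further is minted would keep a later refactor from restoring the old order. The new comment could name the pattern and fix the "reeentrancy" typo, for example `// effect before interaction: set lastMintTime first, the ERC1155 acceptance call below can re-enter`. `emit PersonalMint` still runs after the external call, so any logs produced inside the receiver's hook precede it; moving the emit above the mint would keep log order aligned with the state change if off-chain consumers depend on it. The function begins above the hunk, so the issuance check that reads `lastMintTime` is not visible here and should be confirmed to be the only state the claim depends on.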