Skip to content

SCSVS-GOV-3

S3.3 Preventing Reentrancy and Logic Flaws

Control Objective

Ensure the smart contract's transaction flow and logic integrity are protected from reentrancy attacks and logic flaws. Contracts should implement robust control structures and security patterns to prevent reentrancy, handle complex flows, and ensure that state transitions are secure and symmetrical.

S3.3.A Transaction Flow Security

SCSVS VR ID Requirement L1 L2 L3 SWE
S3.3.A1 Check for edge cases in loop control structures to prevent unexpected behaviors due to break or continue statements. ✓ ✓
S3.3.A2 Ensure that scenarios where sender and recipient are the same are considered to prevent unintended issues in smart contracts. ✓ ✓
S3.3.A3 Ensure that the NonReentrant modifier is applied before other modifiers in functions to prevent reentrancy attacks. ✓ ✓
S3.3.A4 Verify that the check-effect-interaction pattern is implemented to prevent reentrancy attacks. ✓ ✓
S3.3.A5 Ensure that function calls with arbitrary user input and low-level calls are handled securely to avoid introducing risks. ✓ ✓

S3.3.B Function Integrity

SCSVS VR ID Requirement L1 L2 L3 SWE
S3.3.B1 Ensure that functions intended to be unique per parameter set are not callable multiple times to prevent potential issues. ✓ ✓
S3.3.B2 Verify that state changes in functions, such as withdraw and deposit, are symmetrically handled to avoid undesired behavior due to inconsistencies. ✓ ✓