Search papers, labs, and topics across Lattice.
This paper introduces Sentinel, a proxy-based reentrancy protection mechanism for EVM smart contracts that decouples security logic from the contract implementation. Sentinel operates in dual-mode, using a gas-optimized internal guard and a high-security external lock registry, and also intelligently handles static calls to prevent Read-Only Reentrancy attacks. Evaluated on 70 vulnerable contracts, Sentinel achieves 100% security coverage against major reentrancy attack categories, surpassing existing solutions by over 40%.
Sentinel slashes reentrancy vulnerabilities in smart contracts by 40% with a novel proxy-based approach, offering a robust defense against even the most complex DApp interactions.
Reentrancy attacks remain a persistent threat to decentralized applications (DApps), with malicious actors siphoning around 80M USD from the DApp ecosystem last year by exploiting EVM's inter-contract message-passing semantics. Existing research focuses primarily on detection, relying on known attack patterns, and fails to provide deployable solutions that eliminate the vulnerability. Traditional reentrancy guards are similarly limited, offering incomplete coverage across attack variations and lacking robustness against complex DApp interactions. In this paper, we introduce Sentinel, a novel proxy-based approach that mitigates reentrancy vulnerabilities in a type-agnostic way by integrating reentrancy logic directly into the proxy layer, intercepting all calls to the underlying implementation contract. Key features include a dual-mode operational system offering both a gas-optimized internal guard and a high-security external lock registry for cross-contract reentrancy prevention. The proxy also intelligently handles static calls, enabling safe view-function execution while protecting against Read-Only Reentrancy (ROR) attacks. Through rigorous evaluation on a dataset of 70 vulnerable smart contracts, Sentinel achieves 100% security coverage across four major reentrancy attack categories, outperforming existing solutions by over 40%