openzeppelin-contracts icon indicating copy to clipboard operation
openzeppelin-contracts copied to clipboard
verified publisher icon OpenZeppelin

Consider using transient state variables without transpilation

Open Amxx opened this issue 1 year ago • 2 comments

Since solidity 0.8.28, supports transient state variables. This could for example be used in ReentracyGuardTransient, with a transient state variable replacing the slot+library calls.

This would however be challenging to the transpiler, because that is a state variable that would not moved into a namespoace, and that would remain a transient state variable. That would be ok from a layout point of view, because transient is cleared at the end of every tx and thus changing the layout during the lifecyclke of a contract is mostly safe.

Mostly but not fully. If the upgrade tx is batched with other operations that read/write to transient storage, and if the upgrade changes the layout of transient space, then you have a 1tx window that is quite dangerous.

Amxx avatar Oct 14 '24 15:10 Amxx

@frangio I think that upgrade to the transient layout vulnerability would be awesome for an Underhanded Solidity Contest.

Amxx avatar Oct 14 '24 15:10 Amxx