Decoupling Reentrancy Protection from Smart Contract Implementation Logic
For DApp developers, Sentinel provides a deployable, type-agnostic solution to eliminate reentrancy vulnerabilities, addressing a critical security gap in smart contract implementation.
Sentinel introduces a proxy-based reentrancy protection mechanism that achieves 100% security coverage across four major attack categories on 70 vulnerable contracts, outperforming existing solutions by over 40%.
Reentrancy attacks remain a persistent threat to decentralized applications (DApps), with malicious actors siphoning around 80M USD from the DApp ecosystem last year by exploiting EVM's inter-contract message-passing semantics. Existing research focuses primarily on detection, relying on known attack patterns, and fails to provide deployable solutions that eliminate the vulnerability. Traditional reentrancy guards are similarly limited, offering incomplete coverage across attack variations and lacking robustness against complex DApp interactions. In this paper, we introduce Sentinel, a novel proxy-based approach that mitigates reentrancy vulnerabilities in a type-agnostic way by integrating reentrancy logic directly into the proxy layer, intercepting all calls to the underlying implementation contract. Key features include a dual-mode operational system offering both a gas-optimized internal guard and a high-security external lock registry for cross-contract reentrancy prevention. The proxy also intelligently handles static calls, enabling safe view-function execution while protecting against Read-Only Reentrancy (ROR) attacks. Through rigorous evaluation on a dataset of 70 vulnerable smart contracts, Sentinel achieves 100% security coverage across four major reentrancy attack categories, outperforming existing solutions by over 40%