thirdweb-dev
diff --git a/‎contracts/base/ERC1155SignatureMint.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC1155SignatureMint.sol
+3-3Lines changed: 3 additions & 3 deletions b/‎contracts/base/ERC1155SignatureMint.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC1155SignatureMint.sol
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎contracts/base/ERC20SignatureMint.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC20SignatureMint.sol
+3-3Lines changed: 3 additions & 3 deletions b/‎contracts/base/ERC20SignatureMint.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC20SignatureMint.sol
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎contracts/base/ERC20SignatureMintVote.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC20SignatureMintVote.sol
+3-3Lines changed: 3 additions & 3 deletions b/‎contracts/base/ERC20SignatureMintVote.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC20SignatureMintVote.sol
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎contracts/base/ERC721Multiwrap.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC721Multiwrap.sol
+13-3Lines changed: 13 additions & 3 deletions b/‎contracts/base/ERC721Multiwrap.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC721Multiwrap.sol
+13-3Lines changed: 13 additions & 3 deletions
diff --git a/‎contracts/base/ERC721SignatureMint.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC721SignatureMint.sol
+3-3Lines changed: 3 additions & 3 deletions b/‎contracts/base/ERC721SignatureMint.sol
Copy file name to clipboardExpand all lines: contracts/base/ERC721SignatureMint.sol
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎contracts/prebuilts/loyalty/LoyaltyCard.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/loyalty/LoyaltyCard.sol
+4-1Lines changed: 4 additions & 1 deletion b/‎contracts/prebuilts/loyalty/LoyaltyCard.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/loyalty/LoyaltyCard.sol
+4-1Lines changed: 4 additions & 1 deletion
diff --git a/‎contracts/prebuilts/marketplace/english-auctions/EnglishAuctionsLogic.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/marketplace/english-auctions/EnglishAuctionsLogic.sol
+4-2Lines changed: 4 additions & 2 deletions b/‎contracts/prebuilts/marketplace/english-auctions/EnglishAuctionsLogic.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/marketplace/english-auctions/EnglishAuctionsLogic.sol
+4-2Lines changed: 4 additions & 2 deletions
diff --git a/‎contracts/prebuilts/pack/Pack.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/pack/Pack.sol
+1-1Lines changed: 1 addition & 1 deletion b/‎contracts/prebuilts/pack/Pack.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/pack/Pack.sol
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎contracts/prebuilts/split/Split.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/split/Split.sol
+7-5Lines changed: 7 additions & 5 deletions b/‎contracts/prebuilts/split/Split.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/split/Split.sol
+7-5Lines changed: 7 additions & 5 deletions
diff --git a/‎contracts/prebuilts/staking/EditionStake.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/staking/EditionStake.sol
+1-1Lines changed: 1 addition & 1 deletion b/‎contracts/prebuilts/staking/EditionStake.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/staking/EditionStake.sol
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎contracts/prebuilts/staking/NFTStake.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/staking/NFTStake.sol
+1-1Lines changed: 1 addition & 1 deletion b/‎contracts/prebuilts/staking/NFTStake.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/staking/NFTStake.sol
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎contracts/prebuilts/token/TokenERC1155.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/token/TokenERC1155.sol
+1-1Lines changed: 1 addition & 1 deletion b/‎contracts/prebuilts/token/TokenERC1155.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/token/TokenERC1155.sol
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎contracts/prebuilts/token/TokenERC20.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/token/TokenERC20.sol
+1-1Lines changed: 1 addition & 1 deletion b/‎contracts/prebuilts/token/TokenERC20.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/token/TokenERC20.sol
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎contracts/prebuilts/token/TokenERC721.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/token/TokenERC721.sol
+1-1Lines changed: 1 addition & 1 deletion b/‎contracts/prebuilts/token/TokenERC721.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/token/TokenERC721.sol
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎contracts/prebuilts/unaudited/burn-to-claim-drop/extension/BurnToClaimDrop721Logic.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/unaudited/burn-to-claim-drop/extension/BurnToClaimDrop721Logic.sol
+4-2Lines changed: 4 additions & 2 deletions b/‎contracts/prebuilts/unaudited/burn-to-claim-drop/extension/BurnToClaimDrop721Logic.sol
Copy file name to clipboardExpand all lines: contracts/prebuilts/unaudited/burn-to-claim-drop/extension/BurnToClaimDrop721Logic.sol
+4-2Lines changed: 4 additions & 2 deletions
@@ -7,7 +7,7 @@ import "./ERC1155Base.sol";
 
 import "../extension/PrimarySale.sol";
 import "../extension/SignatureMintERC1155.sol";
-
+import { ReentrancyGuard } from "../extension/upgradeable/ReentrancyGuard.sol";
 import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
 
 /**
@@ -23,7 +23,7 @@ import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
  *
  */
 
-contract ERC1155SignatureMint is ERC1155Base, PrimarySale, SignatureMintERC1155 {
+contract ERC1155SignatureMint is ERC1155Base, PrimarySale, SignatureMintERC1155, ReentrancyGuard {
     /*//////////////////////////////////////////////////////////////
                             Constructor
     //////////////////////////////////////////////////////////////*/
@@ -52,7 +52,7 @@ contract ERC1155SignatureMint is ERC1155Base, PrimarySale, SignatureMintERC1155
     function mintWithSignature(
         MintRequest calldata _req,
         bytes calldata _signature
-    ) external payable virtual override returns (address signer) {
+    ) external payable virtual override nonReentrant returns (address signer) {
         require(_req.quantity > 0, "Minting zero tokens.");
 
         uint256 tokenIdToMint;
 
@@ -7,7 +7,7 @@ import "./ERC20Base.sol";
 
 import "../extension/PrimarySale.sol";
 import { SignatureMintERC20 } from "../extension/SignatureMintERC20.sol";
-
+import { ReentrancyGuard } from "../extension/upgradeable/ReentrancyGuard.sol";
 import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
 
 /**
@@ -23,7 +23,7 @@ import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
  *
  */
 
-contract ERC20SignatureMint is ERC20Base, PrimarySale, SignatureMintERC20 {
+contract ERC20SignatureMint is ERC20Base, PrimarySale, SignatureMintERC20, ReentrancyGuard {
     /*//////////////////////////////////////////////////////////////
                             Constructor
     //////////////////////////////////////////////////////////////*/
@@ -50,7 +50,7 @@ contract ERC20SignatureMint is ERC20Base, PrimarySale, SignatureMintERC20 {
     function mintWithSignature(
         MintRequest calldata _req,
         bytes calldata _signature
-    ) external payable virtual returns (address signer) {
+    ) external payable virtual nonReentrant returns (address signer) {
         require(_req.quantity > 0, "Minting zero tokens.");
 
         // Verify and process payload.
 
@@ -7,7 +7,7 @@ import "./ERC20Vote.sol";
 
 import "../extension/PrimarySale.sol";
 import { SignatureMintERC20 } from "../extension/SignatureMintERC20.sol";
-
+import { ReentrancyGuard } from "../extension/upgradeable/ReentrancyGuard.sol";
 import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
 
 /**
@@ -23,7 +23,7 @@ import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
  *
  */
 
-contract ERC20SignatureMintVote is ERC20Vote, PrimarySale, SignatureMintERC20 {
+contract ERC20SignatureMintVote is ERC20Vote, PrimarySale, SignatureMintERC20, ReentrancyGuard {
     /*//////////////////////////////////////////////////////////////
                             Constructor
     //////////////////////////////////////////////////////////////*/
@@ -50,7 +50,7 @@ contract ERC20SignatureMintVote is ERC20Vote, PrimarySale, SignatureMintERC20 {
     function mintWithSignature(
         MintRequest calldata _req,
         bytes calldata _signature
-    ) external payable virtual returns (address signer) {
+    ) external payable virtual nonReentrant returns (address signer) {
         require(_req.quantity > 0, "Minting zero tokens.");
 
         // Verify and process payload.
 
@@ -11,6 +11,7 @@ import "../extension/Royalty.sol";
 import "../extension/SoulboundERC721A.sol";
 import "../extension/TokenStore.sol";
 import "../extension/Multicall.sol";
+import { ReentrancyGuard } from "../extension/upgradeable/ReentrancyGuard.sol";
 
 /**
  *      BASE:      ERC721Base
@@ -26,7 +27,16 @@ import "../extension/Multicall.sol";
  *
  */
 
-contract ERC721Multiwrap is Multicall, TokenStore, SoulboundERC721A, ERC721A, ContractMetadata, Ownable, Royalty {
+contract ERC721Multiwrap is
+    Multicall,
+    TokenStore,
+    SoulboundERC721A,
+    ERC721A,
+    ContractMetadata,
+    Ownable,
+    Royalty,
+    ReentrancyGuard
+{
     /*//////////////////////////////////////////////////////////////
                     Permission control roles
     //////////////////////////////////////////////////////////////*/
@@ -148,7 +158,7 @@ contract ERC721Multiwrap is Multicall, TokenStore, SoulboundERC721A, ERC721A, Co
         Token[] calldata _tokensToWrap,
         string calldata _uriForWrappedToken,
         address _recipient
-    ) public payable virtual onlyRoleWithSwitch(MINTER_ROLE) returns (uint256 tokenId) {
+    ) public payable virtual onlyRoleWithSwitch(MINTER_ROLE) nonReentrant returns (uint256 tokenId) {
         if (!hasRole(ASSET_ROLE, address(0))) {
             for (uint256 i = 0; i < _tokensToWrap.length; i += 1) {
                 _checkRole(ASSET_ROLE, _tokensToWrap[i].assetContract);
@@ -170,7 +180,7 @@ contract ERC721Multiwrap is Multicall, TokenStore, SoulboundERC721A, ERC721A, Co
      *  @param _tokenId   The token Id of the wrapped NFT to unwrap.
      *  @param _recipient The recipient of the underlying ERC1155, ERC721, ERC20 tokens of the wrapped NFT.
      */
-    function unwrap(uint256 _tokenId, address _recipient) public virtual onlyRoleWithSwitch(UNWRAP_ROLE) {
+    function unwrap(uint256 _tokenId, address _recipient) public virtual onlyRoleWithSwitch(UNWRAP_ROLE) nonReentrant {
         require(_tokenId < nextTokenIdToMint(), "wrapped NFT DNE.");
         require(isApprovedOrOwner(msg.sender, _tokenId), "caller not approved for unwrapping.");
 
 
@@ -8,7 +8,7 @@ import "./ERC721Base.sol";
 import "../extension/PrimarySale.sol";
 import "../extension/PermissionsEnumerable.sol";
 import "../extension/SignatureMintERC721.sol";
-
+import { ReentrancyGuard } from "../extension/upgradeable/ReentrancyGuard.sol";
 import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
 
 /**
@@ -24,7 +24,7 @@ import { CurrencyTransferLib } from "../lib/CurrencyTransferLib.sol";
  *
  */
 
-contract ERC721SignatureMint is ERC721Base, PrimarySale, SignatureMintERC721 {
+contract ERC721SignatureMint is ERC721Base, PrimarySale, SignatureMintERC721, ReentrancyGuard {
     /*//////////////////////////////////////////////////////////////
                             Constructor
     //////////////////////////////////////////////////////////////*/
@@ -53,7 +53,7 @@ contract ERC721SignatureMint is ERC721Base, PrimarySale, SignatureMintERC721 {
     function mintWithSignature(
         MintRequest calldata _req,
         bytes calldata _signature
-    ) external payable virtual override returns (address signer) {
+    ) external payable virtual override nonReentrant returns (address signer) {
         require(_req.quantity == 1, "quantiy must be 1");
 
         uint256 tokenIdToMint = nextTokenIdToMint();
 
@@ -158,7 +158,10 @@ contract LoyaltyCard is
     }
 
     /// @dev Lets an account with MINTER_ROLE mint an NFT. Always mints 1 NFT.
-    function mintTo(address _to, string calldata _uri) external onlyRole(MINTER_ROLE) returns (uint256 tokenIdMinted) {
+    function mintTo(
+        address _to,
+        string calldata _uri
+    ) external onlyRole(MINTER_ROLE) nonReentrant returns (uint256 tokenIdMinted) {
         tokenIdMinted = _mintTo(_to, _uri);
         emit TokensMinted(_to, tokenIdMinted, _uri);
     }
 
@@ -88,7 +88,7 @@ contract EnglishAuctionsLogic is IEnglishAuctions, ReentrancyGuard, ERC2771Conte
     /// @notice Auction ERC721 or ERC1155 NFTs.
     function createAuction(
         AuctionParameters calldata _params
-    ) external onlyListerRole onlyAssetRole(_params.assetContract) returns (uint256 auctionId) {
+    ) external onlyListerRole onlyAssetRole(_params.assetContract) nonReentrant returns (uint256 auctionId) {
         auctionId = _getNextAuctionId();
         address auctionCreator = _msgSender();
         TokenType tokenType = _getTokenType(_params.assetContract);
@@ -181,7 +181,9 @@ contract EnglishAuctionsLogic is IEnglishAuctions, ReentrancyGuard, ERC2771Conte
     }
 
     /// @dev Cancels an auction.
-    function cancelAuction(uint256 _auctionId) external onlyExistingAuction(_auctionId) onlyAuctionCreator(_auctionId) {
+    function cancelAuction(
+        uint256 _auctionId
+    ) external onlyExistingAuction(_auctionId) onlyAuctionCreator(_auctionId) nonReentrant {
         Auction memory _targetAuction = _englishAuctionsStorage().auctions[_auctionId];
         Bid memory _winningBid = _englishAuctionsStorage().winningBid[_auctionId];
 
 
@@ -270,7 +270,7 @@ contract Pack is
     }
 
     /// @notice Lets a pack owner open packs and receive the packs' reward units.
-    function openPack(uint256 _packId, uint256 _amountToOpen) external returns (Token[] memory) {
+    function openPack(uint256 _packId, uint256 _amountToOpen) external nonReentrant returns (Token[] memory) {
         address opener = _msgSender();
 
         require(isTrustedForwarder(msg.sender) || opener == tx.origin, "!EOA");
 
@@ -25,14 +25,16 @@ import "@openzeppelin/contracts-upgradeable/access/AccessControlEnumerableUpgrad
 // Utils
 import "../../extension/Multicall.sol";
 import "../../lib/FeeType.sol";
+import "../../extension/upgradeable/ReentrancyGuard.sol";
 
 contract Split is
     IThirdwebContract,
     Initializable,
     Multicall,
     ERC2771ContextUpgradeable,
     AccessControlEnumerableUpgradeable,
-    PaymentSplitterUpgradeable
+    PaymentSplitterUpgradeable,
+    ReentrancyGuard
 {
     bytes32 private constant MODULE_TYPE = bytes32("Split");
     uint128 private constant VERSION = 1;
@@ -76,7 +78,7 @@ contract Split is
      * @dev Triggers a transfer to `account` of the amount of Ether they are owed, according to their percentage of the
      * total shares and their previous withdrawals.
      */
-    function release(address payable account) public virtual override {
+    function release(address payable account) public virtual override nonReentrant {
         uint256 payment = _release(account);
         require(payment != 0, "PaymentSplitter: account is not due payment");
     }
@@ -86,7 +88,7 @@ contract Split is
      * percentage of the total shares and their previous withdrawals. `token` must be the address of an IERC20
      * contract.
      */
-    function release(IERC20Upgradeable token, address account) public virtual override {
+    function release(IERC20Upgradeable token, address account) public virtual override nonReentrant {
         uint256 payment = _release(token, account);
         require(payment != 0, "PaymentSplitter: account is not due payment");
     }
@@ -134,7 +136,7 @@ contract Split is
     /**
      * @dev Release the owed amount of token to all of the payees.
      */
-    function distribute() public virtual {
+    function distribute() public virtual nonReentrant {
         uint256 count = payeeCount();
         for (uint256 i = 0; i < count; i++) {
             _release(payable(payee(i)));
@@ -144,7 +146,7 @@ contract Split is
     /**
      * @dev Release owed amount of the `token` to all of the payees.
      */
-    function distribute(IERC20Upgradeable token) public virtual {
+    function distribute(IERC20Upgradeable token) public virtual nonReentrant {
         uint256 count = payeeCount();
         for (uint256 i = 0; i < count; i++) {
             _release(token, payee(i));
 
@@ -115,7 +115,7 @@ contract EditionStake is
     }
 
     /// @dev Admin can withdraw excess reward tokens.
-    function withdrawRewardTokens(uint256 _amount) external {
+    function withdrawRewardTokens(uint256 _amount) external nonReentrant {
         require(hasRole(DEFAULT_ADMIN_ROLE, _msgSender()), "Not authorized");
 
         // to prevent locking of direct-transferred tokens
 
@@ -115,7 +115,7 @@ contract NFTStake is
     }
 
     /// @dev Admin can withdraw excess reward tokens.
-    function withdrawRewardTokens(uint256 _amount) external {
+    function withdrawRewardTokens(uint256 _amount) external nonReentrant {
         require(hasRole(DEFAULT_ADMIN_ROLE, _msgSender()), "Not authorized");
 
         // to prevent locking of direct-transferred tokens
 
@@ -215,7 +215,7 @@ contract TokenERC1155 is
         uint256 _tokenId,
         string calldata _uri,
         uint256 _amount
-    ) external onlyRole(MINTER_ROLE) {
+    ) external nonReentrant onlyRole(MINTER_ROLE) {
         uint256 tokenIdToMint;
         if (_tokenId == type(uint256).max) {
             tokenIdToMint = nextTokenIdToMint;
 
@@ -161,7 +161,7 @@ contract TokenERC20 is
      *
      * - the caller must have the `MINTER_ROLE`.
      */
-    function mintTo(address to, uint256 amount) public virtual {
+    function mintTo(address to, uint256 amount) public virtual nonReentrant {
         require(hasRole(MINTER_ROLE, _msgSender()), "not minter.");
         _mintTo(to, amount);
     }
 
@@ -191,7 +191,7 @@ contract TokenERC721 is
     }
 
     /// @dev Lets an account with MINTER_ROLE mint an NFT.
-    function mintTo(address _to, string calldata _uri) external onlyRole(MINTER_ROLE) returns (uint256) {
+    function mintTo(address _to, string calldata _uri) external nonReentrant onlyRole(MINTER_ROLE) returns (uint256) {
         // `_mintTo` is re-used. `mintTo` just adds a minter role check.
         return _mintTo(_to, _uri);
     }
 
@@ -33,6 +33,7 @@ import { ContractMetadata } from "../../../../extension/upgradeable/ContractMeta
 import { Ownable } from "../../../../extension/upgradeable/Ownable.sol";
 import { PermissionsStorage } from "../../../../extension/upgradeable/Permissions.sol";
 import { BurnToClaim, BurnToClaimStorage } from "../../../../extension/upgradeable/BurnToClaim.sol";
+import { ReentrancyGuard } from "../../../../extension/upgradeable/ReentrancyGuard.sol";
 
 contract BurnToClaimDrop721Logic is
     ContractMetadata,
@@ -45,7 +46,8 @@ contract BurnToClaimDrop721Logic is
     LazyMint,
     Drop,
     ERC2771ContextUpgradeable,
-    ERC721AUpgradeable
+    ERC721AUpgradeable,
+    ReentrancyGuard
 {
     using Strings for uint256;
 
@@ -137,7 +139,7 @@ contract BurnToClaimDrop721Logic is
     //////////////////////////////////////////////////////////////*/
 
     /// @notice Claim lazy minted tokens after burning required tokens from origin contract.
-    function burnAndClaim(uint256 _burnTokenId, uint256 _quantity) external payable {
+    function burnAndClaim(uint256 _burnTokenId, uint256 _quantity) external payable nonReentrant {
         _checkTokenSupply(_quantity);
 
         // Verify and burn tokens on origin contract
Original file line number	Diff line number	Diff line change
`@@ -158,7 +158,10 @@ contract LoyaltyCard is`
`158`	`158`	`}`
`159`	`159`
`160`	`160`	`/// @dev Lets an account with MINTER_ROLE mint an NFT. Always mints 1 NFT.`
`161`		`- function mintTo(address _to, string calldata _uri) external onlyRole(MINTER_ROLE) returns (uint256 tokenIdMinted) {`
	`161`	`+ function mintTo(`
	`162`	`+ address _to,`
	`163`	`+ string calldata _uri`
	`164`	`+ ) external onlyRole(MINTER_ROLE) nonReentrant returns (uint256 tokenIdMinted) {`
`162`	`165`	`tokenIdMinted = _mintTo(_to, _uri);`
`163`	`166`	`emit TokensMinted(_to, tokenIdMinted, _uri);`
`164`	`167`	`}`
Original file line number	Diff line number	Diff line change
`@@ -270,7 +270,7 @@ contract Pack is`
`270`	`270`	`}`
`271`	`271`
`272`	`272`	`/// @notice Lets a pack owner open packs and receive the packs' reward units.`
`273`		`- function openPack(uint256 _packId, uint256 _amountToOpen) external returns (Token[] memory) {`
	`273`	`+ function openPack(uint256 _packId, uint256 _amountToOpen) external nonReentrant returns (Token[] memory) {`
`274`	`274`	`address opener = _msgSender();`
`275`	`275`
`276`	`276`	`require(isTrustedForwarder(msg.sender) \|\| opener == tx.origin, "!EOA");`
Original file line number	Diff line number	Diff line change
`@@ -115,7 +115,7 @@ contract EditionStake is`
`115`	`115`	`}`
`116`	`116`
`117`	`117`	`/// @dev Admin can withdraw excess reward tokens.`
`118`		`- function withdrawRewardTokens(uint256 _amount) external {`
	`118`	`+ function withdrawRewardTokens(uint256 _amount) external nonReentrant {`
`119`	`119`	`require(hasRole(DEFAULT_ADMIN_ROLE, _msgSender()), "Not authorized");`
`120`	`120`
`121`	`121`	`// to prevent locking of direct-transferred tokens`
Original file line number	Diff line number	Diff line change
`@@ -115,7 +115,7 @@ contract NFTStake is`
`115`	`115`	`}`
`116`	`116`
`117`	`117`	`/// @dev Admin can withdraw excess reward tokens.`
`118`		`- function withdrawRewardTokens(uint256 _amount) external {`
	`118`	`+ function withdrawRewardTokens(uint256 _amount) external nonReentrant {`
`119`	`119`	`require(hasRole(DEFAULT_ADMIN_ROLE, _msgSender()), "Not authorized");`
`120`	`120`
`121`	`121`	`// to prevent locking of direct-transferred tokens`
Original file line number	Diff line number	Diff line change
`@@ -161,7 +161,7 @@ contract TokenERC20 is`
`161`	`161`	`*`
`162`	`162`	* - the caller must have the `MINTER_ROLE`.
`163`	`163`	`*/`
`164`		`- function mintTo(address to, uint256 amount) public virtual {`
	`164`	`+ function mintTo(address to, uint256 amount) public virtual nonReentrant {`
`165`	`165`	`require(hasRole(MINTER_ROLE, _msgSender()), "not minter.");`
`166`	`166`	`_mintTo(to, amount);`
`167`	`167`	`}`
Original file line number	Diff line number	Diff line change
`@@ -191,7 +191,7 @@ contract TokenERC721 is`
`191`	`191`	`}`
`192`	`192`
`193`	`193`	`/// @dev Lets an account with MINTER_ROLE mint an NFT.`
`194`		`- function mintTo(address _to, string calldata _uri) external onlyRole(MINTER_ROLE) returns (uint256) {`
	`194`	`+ function mintTo(address _to, string calldata _uri) external nonReentrant onlyRole(MINTER_ROLE) returns (uint256) {`
`195`	`195`	// `_mintTo` is re-used. `mintTo` just adds a minter role check.
`196`	`196`	`return _mintTo(_to, _uri);`
`197`	`197`	`}`