Decoupling Reentrancy Protection from Smart Contract Implementation Logic

📅 2026-05-24
🤖 AI Summary
Reentrancy attacks pose a severe threat to decentralized applications (DApps), yet existing detection methods rely on known patterns and lack general-purpose, deployable defense mechanisms. This work proposes Sentinel, a novel proxy-based protection framework that decouples reentrancy safeguards into a dedicated proxy layer, enabling uniform interception of all calls without modifying the original smart contracts. Its key innovations include type-agnostic reentrancy protection, a dual-mode locking mechanism combining lightweight internal guards with a high-security external registry, and static call identification and isolation techniques that effectively mitigate four classes of reentrancy attacks, including read-only reentrancy (ROR). Experimental evaluation demonstrates that Sentinel achieves 100% protection coverage across 70 vulnerable contracts while delivering over 40% performance improvement compared to state-of-the-art solutions.
📝 Abstract
Reentrancy attacks remain a persistent threat to decentralized applications (DApps), with malicious actors siphoning around 80M USD from the DApp ecosystem last year by exploiting EVM's inter-contract message-passing semantics. Existing research focuses primarily on detection, relying on known attack patterns, and fails to provide deployable solutions that eliminate the vulnerability. Traditional reentrancy guards are similarly limited, offering incomplete coverage across attack variations and lacking robustness against complex DApp interactions. In this paper, we introduce Sentinel, a novel proxy-based approach that mitigates reentrancy vulnerabilities in a type-agnostic way by integrating reentrancy logic directly into the proxy layer, intercepting all calls to the underlying implementation contract. Key features include a dual-mode operational system offering both a gas-optimized internal guard and a high-security external lock registry for cross-contract reentrancy prevention. The proxy also intelligently handles static calls, enabling safe view-function execution while protecting against Read-Only Reentrancy (ROR) attacks. Through rigorous evaluation on a dataset of 70 vulnerable smart contracts, Sentinel achieves 100% security coverage across four major reentrancy attack categories, outperforming existing solutions by over 40%
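
The proxy-layer guard described in the abstract can be illustrated with a toy Python model; this is an added example, not Sentinel's code or anything taken from the paper. `Vault`, `GuardedProxy`, the `VIEWS` set and the `run` scenario are assumptions made for illustration, as is the choice to refuse view calls while the lock is held as a stand-in for read-only reentrancy handling; only a single internal lock is modelled, not the external registry.

```python
class Reentered(Exception):
    """Raised by the proxy when a call arrives while its lock is held."""

class Vault:
    """Unmodified implementation: pays out before updating the balance."""
    def __init__(self):
        self.balances, self.total = {}, 0
    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.total += amount
    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.total < amount:
            return 0
        self.total -= amount
        on_receive(amount)          # external call hands control to the receiver
        self.balances[who] = 0      # state update comes too late
        return amount
    def balance_of(self, who):      # view function
        return self.balances.get(who, 0)

class GuardedProxy:
    VIEWS = {"balance_of"}          # assumed: the proxy knows which calls are static
    def __init__(self, impl):
        self.impl, self.locked = impl, False
    def call(self, method, *args):
        if self.locked:             # any entry during an open call is refused,
            raise Reentered(method) # including reads of half-updated state
        if method in self.VIEWS:
            return getattr(self.impl, method)(*args)  # static call takes no lock
        self.locked = True
        try:
            return getattr(self.impl, method)(*args)
        finally:
            self.locked = False

def run(guarded):
    """Constructed scenario; returns (paid to re-entrant caller, vault total, refused calls)."""
    vault = Vault()
    call = GuardedProxy(vault).call if guarded else (lambda m, *a: getattr(vault, m)(*a))
    call("deposit", "victim", 30)
    call("deposit", "attacker", 10)
    received, refused = [], []
    def on_receive(amount):
        received.append(amount)
        for method, args in (("balance_of", ("attacker",)), ("withdraw", ("attacker", on_receive))):
            try:
                call(method, *args)
            except Reentered as exc:
                refused.append(str(exc))
    call("withdraw", "attacker", on_receive)
    return sum(received), vault.total, refused
```

Calling `run(False)` and `run(True)` contrasts the same unmodified `Vault` reached directly and through the proxy: the implementation code is identical in both runs, and only the entry point differs.
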
Problem

Research questions and friction points this paper is trying to address.

Reentrancy attacks
Smart contracts
Decentralized applications
EVM security
Vulnerability mitigation
Innovation

Methods, ideas, or system contributions that make the work stand out.

reentrancy protection
proxy-based architecture
smart contracts
Read-Only Reentrancy
EVM security