Attention needed on reentrancy issues #18
Description
Although we removed calls to external transferFrom have been wrapper in require statements in commit [20e6637], I still think reentrancy issues need to be looked at more closely.
In particular, does using require guarantee that there is no possibility for reentrancy ?
All the reentrancy examples I have seen seemed to involve 'call()' and do not really go with standard solidity programming practices.
A clear explanation on why this line of code is safe would be helpful to me:
require(ERC20(order.tokenSell).transferFrom(order.maker, trade.taker, filledAmountSell))
Any thoughts on this ?