Kodyvim
high
Using openzepplin reentrancyguard for contracts deployed behind a proxy won't work.
reentrancyGuardfrom openzepplin has the _status set in the constructor, the nonReentrant modifier would not work as expect since _status variable is not reachable from the proxy.
Leaving contract vulnerable to reentrancy attacks.
https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/protocol/pool/IronBank.sol#L5
Manual Review
Use ReentrancyGuardUpgradeable and call __ReentrancyGuard_init() within the initialize function