sudo rm -rf --no-preserve-root / | Mar 13, 2025 12:29
So there is some bad news here unfortunately (before you continue reading, this is a warning related to an experimental, incomplete feature so nothing is at risk for now). Solidity EOF (via the `osaka` EVM version) implements a reentrancy possibility for their `transfer` and `send` built-ins. The TL;DR is: Solidity removed the custom gas forwarding of `2,300` gas for the EOF versions of `transfer` and `send` and forwards the remaining gas (subject to the 63/64th rule and the additional introduced logic) since they now use the EOF `EXTCALL` opcode (EOF has no gas introspection!). This change means that `transfer` and `send` can no longer be considered safe from reentrancy attacks under `osaka`! To clarify again, no contracts are affected yet, and the specifications for the Fusaka upgrade aren't finalised. However, I feel it's crucial to warn the industry early: If EOF ships and these opcodes go live, people will likely continue using the existing Solidity code with `transfer` or `send` under the false assumption that it's safe against reentrancy, unknowingly exposing themselves to potential attacks. I've documented the full analysis here: https://gist.github.com/pcaversaccio/97847f336ee68937ba304295cbe3a168
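The withdrawal pattern the post warns about, next to a form that does not depend on the gas stipend. This is an added example, not code from the post or the linked gist; the contract and function names (`Vault`, `withdrawUnsafe`, `withdraw`) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; all names here are hypothetical.
contract Vault {
    mapping(address => uint256) public balances;
    bool private locked; // explicit reentrancy lock, independent of gas limits

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // BEFORE (shown for contrast only): the Ether transfer happens before the
    // balance is cleared. On legacy EVM targets this ordering was commonly
    // treated as safe because `transfer` passed only the 2,300 gas stipend to
    // the recipient. Per the post, the EOF (`osaka`) version of `transfer`
    // forwards the remaining gas, so the recipient's receive/fallback code can
    // call back in while balances[msg.sender] is still non-zero.
    function withdrawUnsafe() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw");
        payable(msg.sender).transfer(amount); // interaction first
        balances[msg.sender] = 0;             // effect last
    }

    // AFTER: checks-effects-interactions plus the lock. The balance is zero
    // before any external code runs, so safety no longer rests on how much
    // gas the built-in forwards.
    function withdraw() external nonReentrant {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw");
        balances[msg.sender] = 0;             // effect first
        payable(msg.sender).transfer(amount); // interaction last
    }
}
```

When auditing existing code ahead of an EOF target, every `transfer` or `send` that precedes a state write is a candidate for this reordering.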