defirisk.co
rubric v1.7.0

ERC-777/1155/721 hook without reentrancy guard

A code & audits factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures** This factor detects whether the protocol accepts tokens that implement callback hooks -- specifically ERC-777 (tokensReceived via ERC-1820), ERC-1155 (onERC1155Received), or ERC-721 (onERC721Received) -- without applying reentrancy guards to the functions in the protocol that receive or process those tokens. The assessment checks the protocol's supported token list against the set of functions that handle incoming token transfers and verifies guard coverage.

**Why it matters** Non-standard token callbacks invoke external code during a token transfer, before the calling protocol can update its accounting state. Cream Finance ($18.8M, 2021) accepted AMP -- an ERC-777-based ERC-1820 token -- in its borrow() function, which had no reentrancy guard. The attacker exploited the tokensReceived callback to re-enter borrow() before Cream's borrow balance was updated, borrowing multiple times against the same collateral. Revest Finance lost funds via an ERC-1155 onERC1155Received callback; Sovryn via a callTokensToSend hook; Orion Protocol via a fake token transfer hook in its aggregator swap path. The pattern is consistent across four hacks in the dataset.

**Green / Yellow / Red** Green: the protocol either does not accept ERC-777 / ERC-1155 / callback-hook tokens, or all functions that receive such tokens carry nonReentrant guards verified by static analysis. Yellow: callback-hook tokens are accepted but reentrancy guards are present on primary fund-moving functions only, with some peripheral functions (reward claims, yield compounders) unguarded. Red: any core fund-moving function accepts a callback-hook token without a reentrancy guard.

**Common gray cases** This factor is gray when the protocol's accepted token list is not publicly defined or when the token's callback behavior cannot be confirmed without running the token contract's code.

Measurement: what to look for

Determine whether the protocol integrates token standards with callbacks (ERC-777 tokensReceived, ERC-1155 onERC1155Received, ERC-721 onERC721Received) without reentrancy guards on the functions that receive or process those tokens.

Data & output

Data source: Slither `reentrancy-eth` detector + source search for ERC-777/1155/721 interface imports
Output format: Green / Yellow / Red
Evidence artifact: Slither output JSON + token interface import paths
Confidence signal: green = no such integration, or all callback paths guarded; red = unguarded callback integration found; gray = source unverified
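As an added illustration (not defirisk.co's tooling), the Python heuristic below approximates the source-search half of this measurement and applies the Green/Yellow/Red rule: it looks for the callback-hook interface identifiers, finds functions that move tokens, checks each for a nonReentrant modifier, and tiers the result. The CORE function list, the transfer-call pattern and the Solidity sample are constructed assumptions, and the text scan stands in for, rather than invokes, the Slither reentrancy-eth detector.

```python
import re
# Identifiers that reveal a hook-bearing token integration (standards named in the rubric).
HOOK_MARKERS = ("IERC777", "tokensReceived", "ERC1820", "IERC1155Receiver",
                "onERC1155Received", "IERC721Receiver", "onERC721Received")
# Calls that move tokens; a source-text heuristic standing in for Slither's detector.
TRANSFER_CALL = re.compile(r"\.(safeTransferFrom|transferFrom|safeTransfer|transfer)\s*\(")
FUNC_RE = re.compile(r"function\s+(\w+)\s*\([^)]*\)([^{;]*)\{")
# Assumed split between core fund-moving and peripheral functions (the rubric's Yellow tier).
CORE = {"deposit", "withdraw", "borrow", "repay", "mint", "redeem", "supply", "liquidate"}

def function_bodies(src):
    """Yield (name, modifier text, body) for every function, matching braces for the body."""
    for m in FUNC_RE.finditer(src):
        depth, i = 1, m.end()
        while depth and i < len(src):
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), m.group(2), src[m.end():i]

def score(src):
    """Apply the Green/Yellow/Red rule; returns (colour, unguarded transfer functions)."""
    if not any(k in src for k in HOOK_MARKERS):
        return "green", []                       # no callback-hook integration at all
    unguarded = [name for name, mods, body in function_bodies(src)
                 if TRANSFER_CALL.search(body) and "nonReentrant" not in mods]
    if not unguarded:
        return "green", []                       # every receiving path is guarded
    return ("red" if CORE & set(unguarded) else "yellow"), unguarded

# Constructed Solidity fragment (not any real protocol): a lender accepting an ERC-777 asset,
# where borrow() sends tokens before the debt update and carries no guard.
SAMPLE_RED = """
import "@openzeppelin/contracts/token/ERC777/IERC777Recipient.sol";
contract Lender is ReentrancyGuard {
    function deposit(uint256 amt) external nonReentrant {
        IERC20(asset).safeTransferFrom(msg.sender, address(this), amt);
        balances[msg.sender] += amt;
    }
    function borrow(uint256 amt) external {
        IERC20(asset).safeTransfer(msg.sender, amt); // tokensReceived hook fires here
        debt[msg.sender] += amt;                     // ...before this accounting update
    }
    function claimRewards() external {
        IERC20(reward).safeTransfer(msg.sender, rewards[msg.sender]);
        rewards[msg.sender] = 0;
    }
}
"""
# Same contract with the core function guarded; only the peripheral claim stays open.
SAMPLE_YELLOW = SAMPLE_RED.replace("function borrow(uint256 amt) external {",
                                   "function borrow(uint256 amt) external nonReentrant {")
```

Running `score(SAMPLE_RED)` yields red because borrow() is core and unguarded; `score(SAMPLE_YELLOW)` drops to yellow with only claimRewards() open, matching the rubric's peripheral-function tier.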

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-015 |
|---|---|---|
| Aave v3 | ethereum | green |
| Across Protocol | ethereum | green |
| Aerodrome Finance | base | green |
| Axelar Network | ethereum | yellow |
| Babylon Protocol | bitcoin | not_applicable |
| Balancer (v2 + v3) | ethereum | green |
| Beefy Finance | ethereum | yellow |
| BENQI | avalanche | green |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | gray |
| Cap (cUSD / stcUSD) | ethereum | green |
| Centrifuge | ethereum | green |
| Chainlink CCIP | ethereum | gray |
| Circle USYC | binance | not_applicable |
| Compound V3 (Comet) | ethereum | yellow |
| Concrete | ethereum | green |
| Convex Finance | ethereum | green |
| crvUSD (Curve Stablecoin) | ethereum | green |
| Curve Finance | ethereum | green |
| deBridge | ethereum | green |
| Dolomite | ethereum | green |
| dYdX v4 (dYdX Chain) | dydx | not_applicable |
| EigenLayer | ethereum | green |
| Ethena | ethereum | green |
| ether.fi | ethereum | green |
| Euler V2 | ethereum | green |
| Falcon Finance | ethereum | green |
| Fluid | ethereum | green |
| Frax Finance | ethereum | gray |
| GMX v2 (GMX Synthetics) | arbitrum | green |
| Hyperlane | ethereum | gray |
| Hyperliquid | arbitrum | green |
| Jito | solana | not_applicable |
| Jupiter | solana | not_applicable |
| Jupiter Perpetual Exchange | solana | not_applicable |
| JustLend DAO | tron | not_applicable |
| Kamino Lend | solana | not_applicable |
| Kinetiq | hyperliquid | green |
| Lido | ethereum | green |
| Liquid Collective (LsETH) | ethereum | green |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | green |
| Lista DAO | bsc | green |
| Lombard Finance | ethereum | green |
| M^0 | ethereum | green |
| Maple Finance | ethereum | green |
| Marinade Finance | solana | not_applicable |
| Meteora | solana | not_applicable |
| mETH Protocol | ethereum | green |
| Midas | ethereum | not_applicable |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | green |
| Multipli | ethereum | green |
| Ondo Finance | ethereum | green |
| OpenEden | ethereum | not_applicable |
| Orca | solana | not_applicable |
| PancakeSwap | bsc | yellow |
| Pendle Finance | ethereum | green |
| Polymarket | polygon | yellow |
| QuickSwap | polygon | green |
| Raydium | solana | not_applicable |
| Rocket Pool | ethereum | green |
| Sanctum | solana | not_applicable |
| Save (formerly Solend) | solana | not_applicable |
| Sky Lending (formerly MakerDAO) | ethereum | green |
| Spark Protocol | ethereum | not_applicable |
| Spiko | stellar | yellow |
| Stake DAO | ethereum | gray |
| StakeWise v3 | ethereum | green |
| Stargate Finance | ethereum | green |
| stHYPE (Valantis Labs) | hyperliquid | gray |
| SUNSwap (sun.io) | tron | green |
| Superstate | ethereum | not_applicable |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | green |
| Symbiotic | ethereum | not_applicable |
| Synapse Protocol | ethereum | not_assessed |
| Uniswap (v2 + v3) | ethereum | green |
| USDD (Decentralized USD) | tron | green |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | green |
| Veda (BoringVault) | ethereum | green |
| Venus Protocol | bsc | green |
| Wormhole | ethereum | yellow |
| Yearn Finance | ethereum | green |

Linked hacks: no historical incidents linked

No historical incidents are linked to this factor.
rubric_version: v1.7.0; factor: RD-F-015; category: 1; carried: 80; critical: no