ERC-777/1155/721 hook without reentrancy guard
Centrifuge's assessment for RD-F-015 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Centrifuge V3/V3.1 uses ERC-20 tokens (USDC, stablecoins) and SafeTransferLib for all token interactions. No ERC-777 tokensReceived, ERC-1155 onReceived, or ERC-721 onReceived hooks integrated. RestrictionManager implements ERC-1404 (transfer restrictions without external callbacks). AsyncVault.sol uses SafeTransferLib.
Sources #
- GitHubAsyncVault.sol source inspectioncentrifuge/protocol AsyncVault.sol — SafeTransferLib usage, no ERC-777 hooksretrieved 2026-04-28
- RestrictionManager verified source — ERC-1404 without callbacksRestrictionManager 0x4737C3f62Cc265e786b280153fC666cEA2fBc0c0 — ERC-1404, no hook callbacksretrieved 2026-04-28
- Code4rena Sept 2023 — ERC-1404 finding analysisCode4rena 2023-09-centrifuge — ERC-1404 medium finding (restriction logic, not hooks); no ERC-777 finding raisedretrieved 2026-04-28
Methodology #
Determine whether the protocol integrates token standards with callbacks (ERC-777 tokensReceived, ERC-1155 onReceived, ERC-721 onReceived) without reentrancy guards on the affected functions.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol centrifuge factor RD-F-015 score green collected_at 2026-04-30 21:19:10