ERC-777/1155/721 hook without reentrancy guard

Frax Finance's assessment for RD-F-015 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

FraxEtherRedemptionQueueV2 is an ERC-721 system using _safeMint which triggers onERC721Received hooks. Potential reentrancy surface if minting happens before state update. Frax Security Cartel Mar 2024 (frxETH V2) would have covered this; report not accessible as text. Tool run required.

Sources #

Etherscan
FraxEtherRedemptionQueueV2 EtherscanFraxEtherRedemptionQueueV2 ABI — ERC-721 with _safeMint patternretrieved 2026-05-17

Methodology #

Determine whether the protocol integrates token standards with callbacks (ERC-777 tokensReceived, ERC-1155 onReceived, ERC-721 onReceived) without reentrancy guards on the affected functions.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol frax factor RD-F-015 score gray collected_at 2026-05-16 20:44:31