defirisk.co
rubric v1.7.0

Reentrancy guard on external-calling functions

Jupiter Perpetual Exchange's assessment for RD-F-014 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Solana's account model provides structural reentrancy protection different from EVM. However, Solana CPI reentrancy vulnerabilities have been exploited in other protocols (e.g., Cashio). Without source access, cannot verify that the Jupiter Perps program correctly guards CPI reentrancy paths. Gray: source not accessible.

Sources #

  • Internal
    00-data-cache.json static_analysis: []Closed-source program; no static analysis output in data-cache; source unavailableretrieved 2026-05-16

Methodology #

Determine whether all state-mutating functions that perform external calls carry `nonReentrant` or an equivalent reentrancy guard.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol jupiter-perps factor RD-F-014 score gray collected_at 2026-05-16 01:53:11