Reentrancy guard on external-calling functions
OpenEden's assessment for RD-F-014 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Hacken Nov-2024 did not flag reentrancy issues in V4Impl. V5 adds redeemIns() with external redemption contract call — a new external call path not in Hacken scope. Reentrancy guard presence on V5's external-calling functions cannot be confirmed without Slither analysis or source review.
Sources #
- GitHubOpenEdenVaultV5Impl.sol — GitHub SourceV5Impl source — redeemIns() new external call path addedretrieved 2026-05-16
- Hacken Security Audit — OpenEden Vault Nov-2024Hacken Nov-2024 — no reentrancy finding in V4 scoperetrieved 2026-05-16
Methodology #
Determine whether all state-mutating functions that perform external calls carry `nonReentrant` or an equivalent reentrancy guard.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol openeden factor RD-F-014 score gray collected_at 2026-05-16 10:11:45