ERC-777/1155/721 hook without reentrancy guard

Spiko's assessment for RD-F-015 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Token.sol uses ERC-1363 (ERC1363Upgradeable) which provides transferAndCall and transferFromAndCall with recipient callbacks, analogous to ERC-777 hooks. OZ ERC-1363 implementation uses checks-effects-interactions pattern. No ERC-777 or ERC-1155/721 hooks identified. Yellow because ERC-1363 callback integration exists and Slither not run to confirm all paths are guarded.

Sources #

GitHub
Spiko Token.sol ERC1363UpgradeableToken.sol imports ERC1363Upgradeable - callback-capable token standardretrieved 2026-05-16

Methodology #

Determine whether the protocol integrates token standards with callbacks (ERC-777 tokensReceived, ERC-1155 onReceived, ERC-721 onReceived) without reentrancy guards on the affected functions.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol spiko factor RD-F-015 score yellow collected_at 2026-05-15 22:52:13