ERC-777/1155/721 hook without reentrancy guard
BENQI's assessment for RD-F-015 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Compound V2 fork qiToken markets accept only standard ERC-20 tokens. Immunefi bounty scope explicitly excludes ERC-777 re-entrancy as a non-applicable attack vector. No ERC-777/1155/721 callback integration identified in core lending or sAVAX contracts. Green: no such integration present.
Sources #
- GitHubBENQI Lending Contracts — ERC-20 onlyBENQI-Smart-Contracts lending directory — ERC-20 standard interfaces only (EIP20Interface.sol, EIP20NonStandardInterface.sol)retrieved 2026-05-16
- BENQI Immunefi Scope — ERC-777 exclusionImmunefi BENQI scope — ERC-777 re-entrancy explicitly excluded as non-issueretrieved 2026-05-16
Methodology #
Determine whether the protocol integrates token standards with callbacks (ERC-777 tokensReceived, ERC-1155 onReceived, ERC-721 onReceived) without reentrancy guards on the affected functions.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol benqi factor RD-F-015 score green collected_at 2026-05-16 11:02:12