Reentrancy guard on external-calling functions
Centrifuge's assessment for RD-F-014 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Centrifuge V3.1 implements custom reentrancy protection in ReentrancyProtection.sol using transient storage. The `protected()` modifier tracks the caller: nested calls from the same sender are permitted, while reentrant calls from a different sender are rejected. Gateway.sol prevents reentrant batch creation. The V3.1 changelog notes reentrancy fixes. The deployed V3.1 uses 0.8.26 (unaffected by the 0.8.28 transient-storage bug).
Sources
- GitHub
- https://github.com/centrifuge/protocol/blob/main/src/core/messaging/Gateway.sol retrieved 2026-04-27
Methodology
Determine whether all state-mutating functions that perform external calls carry `nonReentrant` or an equivalent reentrancy guard.