ERC-777/1155/721 hook without reentrancy guard
Chainlink CCIP's assessment for RD-F-015 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
CCIP uses a token pool model where CCT-standard pools handle token operations. Core OnRamp/OffRamp do not directly integrate ERC-777/1155/721 callbacks. Risk depends on individual CCT token pool implementations. Not assessable for third-party token pools without per-pool source review.
Sources #
- DocsCCIP Architecture Overview — token pool modelCCIP architecture — token pool model descriptionretrieved 2026-05-16
Methodology #
Determine whether the protocol integrates token standards with callbacks (ERC-777 tokensReceived, ERC-1155 onReceived, ERC-721 onReceived) without reentrancy guards on the affected functions.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-015 score gray collected_at 2026-05-16 01:55:09