Reentrancy guard on external-calling functions

M^0's assessment for RD-F-014 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

MinterGateway uses CEI pattern — state mutations (delete _mintProposals[msg.sender]) precede external calls (IMToken.mint()). No explicit nonReentrant modifier but CEI is correct pattern. ERC-20 transfers do not use attacker-controlled callbacks. Covered by Certora FV and Prototech invariant tests.

Sources #

GitHub
MinterGateway.sol sourceMinterGateway.sol — CEI pattern inspectionretrieved 2026-05-16
Audit
Prototech Labs Audit ReportPrototech Labs audit — invariant suite covering reentrancyretrieved 2026-05-16

Methodology #

Determine whether all state-mutating functions that perform external calls carry `nonReentrant` or an equivalent reentrancy guard.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol m0 factor RD-F-014 score green collected_at 2026-05-16 09:46:19