Reentrancy guard on external-calling functions

Midas's assessment for RD-F-014 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No reentrancy finding in Sherlock 2024-05 or 2024-08. Contracts use SafeERC20 for token transfers (confirmed via Etherscan bytecode metadata referencing _callOptionalReturn). Competitive audit with multiple researchers found no reentrancy vulnerability across vault and token contracts.

Sources #

GitHub
Sherlock 2024-08 JudgingSherlock 2024-08 judging — no reentrancy finding in core contractsretrieved 2026-05-16
Etherscan
Issuance Vault ImplementationIssuance Vault impl — SafeERC20 pattern confirmed in bytecoderetrieved 2026-05-16

Methodology #

Determine whether all state-mutating functions that perform external calls carry `nonReentrant` or an equivalent reentrancy guard.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol midas factor RD-F-014 score green collected_at 2026-05-16 09:34:55