Reentrancy guard on external-calling functions

Stake DAO's assessment for RD-F-014 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

vlSDT confirmed to use ReentrancyGuard (OZ 5.2.0). Strategy contracts route through Curve external calls. Nov 2023 sdCAKE incident was not a reentrancy (implementation error). No comprehensive Slither reentrancy output available for all strategy contracts.

Sources #

GitHub
vlSDT Source — ReentrancyGuardvlSDT.sol — imports ReentrancyGuard from OZ 5.2.0retrieved 2026-05-16

Methodology #

Determine whether all state-mutating functions that perform external calls carry `nonReentrant` or an equivalent reentrancy guard.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol stake-dao factor RD-F-014 score gray collected_at 2026-05-16 12:29:20