defirisk.co
rubric v1.7.0

EIP-712 domain separator missing chainId

A code & audits factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures** This factor assesses whether EIP-712 structured message signing in the protocol includes the chainId field in the domain separator. An EIP-712 domain separator that omits chainId allows a signed message valid on one chain to be replayed on any other chain where the protocol is deployed. The assessment is performed by static analysis of the domain separator construction in the protocol's verified source code.

**Why it matters** Cross-chain replay of signed messages is an underappreciated risk in multi-chain protocol deployments. If a protocol deploys to Ethereum, Arbitrum, and Base with the same contract logic and addresses, a permit() or governance vote signature from Ethereum can be submitted on Arbitrum and accepted as valid -- unless chainId is included in the domain separator. With approximately three documented hacks attributable to this pattern in the T-01 evidence base, and DeFi protocols increasingly deploying to five or more chains simultaneously, the absence of chainId in EIP-712 domain separators is a growing risk vector.

**Green / Yellow / Red** Green: all EIP-712 domain separators in deployed contracts include chainId, name, version, and verifyingContract fields as specified in the EIP. Yellow: chainId is included in the domain separator, but the domain separator is not recomputed on each verification call (cached domain separator pattern), creating a risk if the contract is ever deployed to a new chain with a cached stale separator. Red: any EIP-712 domain separator in the protocol omits the chainId field.

**Common gray cases** This factor is gray for protocols that do not use EIP-712 signing in any function path, including protocols with purely on-chain governance and no permit()-style functions.

Measurement: what to look for

Determine whether the EIP-712 domain separator struct omits the `chainId` field, allowing cross-chain replay.
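A minimal source-search version of this check, mapped to the colour definitions in the methodology above; it is an added example, not defirisk.co's scoring code and not a Slither detector. The regex heuristics, the `manual_review` label (used where the rubric assigns no colour) and the Solidity fragments in `SAMPLES` are assumptions constructed for illustration.

```python
import re

# Field list of an EIP-712 domain type string: "EIP712Domain(string name,...)".
DOMAIN_TYPE = re.compile(r"EIP712Domain\s*\(([^)]*)\)")
# Heuristic: a separator stored as a state variable or immutable (cached pattern).
CACHED = re.compile(
    r"bytes32\s+(?:(?:public|private|internal|immutable)\s+)+\w*domain_?separator", re.I)
# Heuristic: verification-time comparison of the live chain id with a cached one.
RECHECK = re.compile(r"block\.chainid\s*[!=]=|[!=]=\s*block\.chainid")
REQUIRED = ("name", "version", "chainId", "verifyingContract")


def domain_fields(source):
    """Field names of every EIP712Domain type string found in the source."""
    return [[p.split()[-1] for p in m.group(1).split(",") if p.strip()]
            for m in DOMAIN_TYPE.finditer(source)]


def score(source):
    """Rate one contract's source text using the page's colour definitions."""
    domains = domain_fields(source)
    if not domains:
        return "gray"            # no EIP-712 domain found
    if any("chainId" not in d for d in domains):
        return "red"             # signature replayable on other chains
    if any(f not in d for d in domains for f in REQUIRED):
        return "manual_review"   # assumption: the page assigns no colour here
    if CACHED.search(source) and not RECHECK.search(source):
        return "yellow"          # cached separator, never recomputed
    return "green"


# Constructed Solidity fragments, not taken from any scored protocol.
FULL = '"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"'
SAMPLES = {
    "no_chain_id": 'keccak256("EIP712Domain(string name,address verifyingContract)")',
    "cached": "bytes32 public DOMAIN_SEPARATOR;\n"
              "constructor() { DOMAIN_SEPARATOR = keccak256(abi.encode(\n"
              f"  keccak256({FULL}), NAME, VER, block.chainid, address(this))); }}",
    "per_call": "function domainSeparator() public view returns (bytes32) {\n"
                f"  return keccak256(abi.encode(keccak256({FULL}), NAME, VER,\n"
                "    block.chainid, address(this))); }",
    "no_eip712": "function deposit(uint256 amount) external {}",
}

if __name__ == "__main__":
    for label, src in SAMPLES.items():
        print(f"{label:12} {score(src)}")
```

A text match of this kind only narrows the search; the source excerpt it points to still has to be read, since inherited contracts and assembly-built separators are invisible to it.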

Data & output

Data source: Slither + source search for `DOMAIN_SEPARATOR` or `EIP712` struct definition
Output format: Green / Yellow / Red
Evidence artifact: Source excerpt showing domain struct definition
Confidence signal: green = chainId present in domain separator; red = chainId absent; gray = protocol does not use EIP-712 signatures (N/A) or source unverified

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-020 |
| --- | --- | --- |
| Aave v3 | ethereum | green |
| Across Protocol | ethereum | green |
| Aerodrome Finance | base | green |
| Axelar Network | ethereum | not_applicable |
| Babylon Protocol | bitcoin | not_applicable |
| Balancer (v2 + v3) | ethereum | green |
| Beefy Finance | ethereum | green |
| BENQI | avalanche | gray |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | gray |
| Cap (cUSD / stcUSD) | ethereum | green |
| Centrifuge | ethereum | green |
| Chainlink CCIP | ethereum | yellow |
| Circle USYC | binance | gray |
| Compound V3 (Comet) | ethereum | green |
| Concrete | ethereum | green |
| Convex Finance | ethereum | not_applicable |
| crvUSD (Curve Stablecoin) | ethereum | green |
| Curve Finance | ethereum | green |
| deBridge | ethereum | green |
| Dolomite | ethereum | yellow |
| dYdX v4 (dYdX Chain) | dydx | not_applicable |
| EigenLayer | ethereum | green |
| Ethena | ethereum | green |
| ether.fi | ethereum | green |
| Euler V2 | ethereum | green |
| Falcon Finance | ethereum | green |
| Fluid | ethereum | not_applicable |
| Frax Finance | ethereum | gray |
| GMX v2 (GMX Synthetics) | arbitrum | green |
| Hyperlane | ethereum | green |
| Hyperliquid | arbitrum | yellow |
| Jito | solana | not_applicable |
| Jupiter | solana | not_applicable |
| Jupiter Perpetual Exchange | solana | not_applicable |
| JustLend DAO | tron | not_applicable |
| Kamino Lend | solana | not_applicable |
| Kinetiq | hyperliquid | green |
| Lido | ethereum | green |
| Liquid Collective (LsETH) | ethereum | green |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | green |
| Lista DAO | bsc | green |
| Lombard Finance | ethereum | green |
| M^0 | ethereum | green |
| Maple Finance | ethereum | yellow |
| Marinade Finance | solana | not_applicable |
| Meteora | solana | not_applicable |
| mETH Protocol | ethereum | green |
| Midas | ethereum | not_applicable |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | green |
| Multipli | ethereum | green |
| Ondo Finance | ethereum | green |
| OpenEden | ethereum | not_applicable |
| Orca | solana | not_applicable |
| PancakeSwap | bsc | gray |
| Pendle Finance | ethereum | green |
| Polymarket | polygon | green |
| QuickSwap | polygon | green |
| Raydium | solana | not_applicable |
| Rocket Pool | ethereum | not_applicable |
| Sanctum | solana | not_applicable |
| Save (formerly Solend) | solana | not_applicable |
| Sky Lending (formerly MakerDAO) | ethereum | green |
| Spark Protocol | ethereum | not_applicable |
| Spiko | stellar | green |
| Stake DAO | ethereum | gray |
| StakeWise v3 | ethereum | green |
| Stargate Finance | ethereum | not_applicable |
| stHYPE (Valantis Labs) | hyperliquid | gray |
| SUNSwap (sun.io) | tron | not_applicable |
| Superstate | ethereum | green |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | gray |
| Symbiotic | ethereum | gray |
| Synapse Protocol | ethereum | not_assessed |
| Uniswap (v2 + v3) | ethereum | green |
| USDD (Decentralized USD) | tron | green |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | green |
| Veda (BoringVault) | ethereum | green |
| Venus Protocol | bsc | green |
| Wormhole | ethereum | not_applicable |
| Yearn Finance | ethereum | green |

Linked hacks: no historical incidents linked

No historical incidents are linked to this factor.

rubric_version: v1.7.0 | factor: RD-F-020 | category: 1 | carried: 80 | critical: no