defirisk.co
rubric v1.7.0

ERC-4626 virtual-share offset (OZ ≥4.9)

An economic risk factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures** This factor evaluates whether ERC-4626 vaults in the protocol use OpenZeppelin version 4.9 or later, which introduced virtual shares and virtual assets to prevent first-depositor share inflation attacks. The check is performed via source inspection against the deployed bytecode. For non-ERC-4626 protocols, this factor is N/A. For ERC-4626 vaults using OZ below version 4.9, the factor triggers a review of whether an alternative inflation mitigation (such as a dead-shares burn on deployment) is present.

**Why it matters** The ERC-4626 first-depositor inflation attack is a variant of the empty-cToken problem (RD-F-070) applied to yield-bearing vaults. When a vault has zero total supply, an attacker can donate assets directly to the vault contract before the first legitimate depositor, inflating the share price and causing the legitimate depositor's shares to be worth near-zero. OpenZeppelin 4.9 introduced virtual shares (a small constant added to both total supply and total assets) to make this attack economically non-viable. The bEarn exploit ($18M, 2021) demonstrated a related cross-token accounting vulnerability in a multi-layer vault architecture, illustrating the broader class of first-depositor attacks on vault share accounting.
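To make the share arithmetic concrete, here is an added simulation (not code from defirisk.co or OpenZeppelin) that replays the first-depositor sequence against the legacy pre-4.9 conversion formula and against the OpenZeppelin ≥4.9 virtual-share/virtual-asset formula with `_decimalsOffset()` of 0 and of 3. The donation and victim amounts are constructed; the `Vault` class and `first_depositor_scenario` helper are this example's own.

```python
# Added example (not defirisk.co or OpenZeppelin code): ERC-4626 share accounting
# with legacy pre-4.9 conversion vs. the OZ >=4.9 virtual share/asset offset.
class Vault:
    """offset=None: legacy formula; integer offset: OZ >=4.9 _decimalsOffset()."""

    def __init__(self, offset=None):
        self.offset = offset
        self.total_assets = 0  # vault token balance, donations included
        self.total_supply = 0  # minted shares

    def _to_shares(self, assets):
        if self.offset is None:  # legacy: first depositor gets 1:1, then pro rata
            return assets if self.total_supply == 0 else assets * self.total_supply // self.total_assets
        # OZ 4.9: assets.mulDiv(totalSupply() + 10**_decimalsOffset(), totalAssets() + 1, Floor)
        return assets * (self.total_supply + 10 ** self.offset) // (self.total_assets + 1)

    def _to_assets(self, shares):
        if self.offset is None:
            return shares * self.total_assets // self.total_supply
        # OZ 4.9: shares.mulDiv(totalAssets() + 1, totalSupply() + 10**_decimalsOffset(), Floor)
        return shares * (self.total_assets + 1) // (self.total_supply + 10 ** self.offset)

    def deposit(self, assets):
        shares = self._to_shares(assets)
        self.total_assets += assets
        self.total_supply += shares
        return shares

    def donate(self, assets):  # plain ERC-20 transfer to the vault: no shares minted
        self.total_assets += assets

    def redeem(self, shares):
        assets = self._to_assets(shares)
        self.total_supply -= shares
        self.total_assets -= assets
        return assets


def first_depositor_scenario(offset, donation=10**22, victim_deposit=10**22):
    """Textbook sequence: 1 wei deposit, donation, victim deposit, both redeem.
    Returns (victim_shares, victim_loss, attacker_profit) in asset units (constructed amounts)."""
    v = Vault(offset)
    attacker_shares = v.deposit(1)
    v.donate(donation)
    victim_shares = v.deposit(victim_deposit)
    victim_back = v.redeem(victim_shares)        # victim exits first
    attacker_back = v.redeem(attacker_shares)    # attacker exits with what is left
    return victim_shares, victim_deposit - victim_back, attacker_back - (1 + donation)
```

With the legacy formula the victim receives zero shares and the donor walks away with the whole victim deposit; with offset 0 the virtual share absorbs a third of the pool so both sides lose; with offset 3 the victim's loss shrinks to a fraction of a percent while the donor forfeits roughly half of the donation, which is what makes the attack economically non-viable.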

**Green / Yellow / Red** Green: all ERC-4626 vaults use OZ version 4.9 or later, or implement an equivalent virtual-share offset that prevents inflation attacks. Yellow: some vaults use earlier OZ versions but implement a dead-shares burn or equivalent mitigation; or all vaults use earlier versions with curator-verified compensating controls. Red: one or more live ERC-4626 vaults use OZ below version 4.9 with no virtual-share offset or dead-shares mitigation.

**Common gray cases** Non-standard ERC-4626 implementations that do not use OpenZeppelin may have equivalent protections implemented differently; curator must verify the economic properties of the share accounting rather than the specific library version.

**Notable historical examples**
- **bEarnFi** ($18M, 2021): Multi-layer vault with cross-token accounting vulnerability; related share-inflation class.

Measurement: what to look for

Determine whether ERC-4626 vaults use OpenZeppelin ≥4.9 virtual-share offset pattern to prevent first-depositor share-inflation.

Data & output

**Data source:** Source inspection for the `_convertToShares` implementation plus the OpenZeppelin version in `package.json` on Etherscan-verified source.
**Output format:** Green / Yellow / Red
**Evidence artifact:** Source excerpt of the share calculation plus the OZ version string.
**Confidence signal:** green = OZ ≥4.9 virtual offset or equivalent mitigation present; yellow = non-OZ custom mitigation; red = no virtual offset and no first-depositor protection; gray = protocol is not an ERC-4626 vault (N/A) or source unverified.

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-074 |
| --- | --- | --- |
| Aave v3 | ethereum | gray |
| Across Protocol | ethereum | gray |
| Aerodrome Finance | base | not_applicable |
| Axelar Network | ethereum | not_applicable |
| Babylon Protocol | bitcoin | not_applicable |
| Balancer (v2 + v3) | ethereum | yellow |
| Beefy Finance | ethereum | not_applicable |
| BENQI | avalanche | not_applicable |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | not_applicable |
| Cap (cUSD / stcUSD) | ethereum | yellow |
| Centrifuge | ethereum | gray |
| Chainlink CCIP | ethereum | not_applicable |
| Circle USYC | binance | not_applicable |
| Compound V3 (Comet) | ethereum | not_applicable |
| Concrete | ethereum | yellow |
| Convex Finance | ethereum | not_applicable |
| crvUSD (Curve Stablecoin) | ethereum | not_applicable |
| Curve Finance | ethereum | not_applicable |
| deBridge | ethereum | gray |
| Dolomite | ethereum | yellow |
| dYdX v4 (dYdX Chain) | dydx | not_applicable |
| EigenLayer | ethereum | not_applicable |
| Ethena | ethereum | green |
| ether.fi | ethereum | not_applicable |
| Euler V2 | ethereum | green |
| Falcon Finance | ethereum | gray |
| Fluid | ethereum | red |
| Frax Finance | ethereum | yellow |
| GMX v2 (GMX Synthetics) | arbitrum | not_applicable |
| Hyperlane | ethereum | yellow |
| Hyperliquid | arbitrum | not_applicable |
| Jito | solana | not_applicable |
| Jupiter | solana | not_applicable |
| Jupiter Perpetual Exchange | solana | not_applicable |
| JustLend DAO | tron | not_applicable |
| Kamino Lend | solana | not_applicable |
| Kinetiq | hyperliquid | not_applicable |
| Lido | ethereum | not_applicable |
| Liquid Collective (LsETH) | ethereum | not_applicable |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | not_applicable |
| Lista DAO | bsc | gray |
| Lombard Finance | ethereum | gray |
| M^0 | ethereum | not_applicable |
| Maple Finance | ethereum | yellow |
| Marinade Finance | solana | not_applicable |
| Meteora | solana | not_applicable |
| mETH Protocol | ethereum | not_applicable |
| Midas | ethereum | not_applicable |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | yellow |
| Multipli | ethereum | yellow |
| Ondo Finance | ethereum | gray |
| OpenEden | ethereum | red |
| Orca | solana | not_applicable |
| PancakeSwap | bsc | not_applicable |
| Pendle Finance | ethereum | yellow |
| Polymarket | polygon | not_applicable |
| QuickSwap | polygon | not_applicable |
| Raydium | solana | not_applicable |
| Rocket Pool | ethereum | not_applicable |
| Sanctum | solana | not_applicable |
| Save (formerly Solend) | solana | not_applicable |
| Sky Lending (formerly MakerDAO) | ethereum | yellow |
| Spark Protocol | ethereum | red |
| Spiko | stellar | not_applicable |
| Stake DAO | ethereum | not_applicable |
| StakeWise v3 | ethereum | not_applicable |
| Stargate Finance | ethereum | gray |
| stHYPE (Valantis Labs) | hyperliquid | not_assessed |
| SUNSwap (sun.io) | tron | not_applicable |
| Superstate | ethereum | not_applicable |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | not_applicable |
| Symbiotic | ethereum | not_applicable |
| Synapse Protocol | ethereum | not_applicable |
| Uniswap (v2 + v3) | ethereum | not_applicable |
| USDD (Decentralized USD) | tron | not_applicable |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | not_applicable |
| Veda (BoringVault) | ethereum | yellow |
| Venus Protocol | bsc | yellow |
| Wormhole | ethereum | not_applicable |
| Yearn Finance | ethereum | yellow |

Linked hacks: 3 historical incidents

- **Curve LlamaLend** (2026-03-02, $240K): Empty-market donation attack on a freshly-listed lending market. Link to this factor: `_decimalsOffset()` returning 0 plus no virtual deposit; the same ERC-4626 first-depositor configuration error as Venus.
- **Venus Protocol (zkSync Era deployment)** (2025-03-29, $902K): Empty-market donation attack on a freshly-deployed market with no virtual liquidity and no `_decimalsOffset()` first-depositor protection. Link to this factor: `_decimalsOffset()` returning 0 plus no virtual deposit is the textbook ERC-4626 first-depositor configuration error.
- **bEarnFi (BvaultsBank)** (2021-05-16, $18M): Logic bug, a token denomination mismatch between vault and strategy layers. Linked to the ERC-4626 virtual-share offset via cross-hack: Factor 11, Multi-Layer Vault/Strategy Architecture With Cross-Token Accounting.
rubric_version: v1.7.0 · factor: RD-F-074 · category: 4 · carried: 80 · critical: no