defirisk.co
rubric v1.7.0

First-depositor / share-inflation guard

An economic risk factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology: how we score

**What this measures** This factor evaluates whether the protocol's vaults or lending markets implement a first-depositor guard against share inflation attacks. Acceptable guards include: a seed deposit locked at deploy time (dead shares), a virtual-share offset (OZ 4.9 implementation), or an explicit floor check that prevents first deposits from setting an exploitable exchange rate. The check covers both ERC-4626 vaults and Compound-fork cToken markets. Source inspection is the primary data source.

**Why it matters** The first-depositor share inflation attack affects any share-based accounting system where total supply can reach zero. The attack class spans cToken markets (RD-F-070), ERC-4626 vaults (RD-F-074), and hybrid architectures like Silo Finance where the receiver parameter allowed external depositors to inflate shares against capped markets. The common thread is that a zero-supply state creates a denominator-manipulation opportunity that the attacker can exploit before any legitimate user deposits. First-depositor guards (dead shares, virtual shares, or floor checks) eliminate this attack class by ensuring the denominator is never zero in practice.
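The rounding behaviour behind this factor, as an added example (not code from defirisk.co or any scored protocol): a simplified integer model of share accounting that compares an unguarded vault with a virtual-share offset and a dead-share seed. The function names, the sample amounts and the 1:1 bootstrap rule for an empty vault are assumptions of the model.

```python
# Added illustration, not any protocol's code: integer share accounting with
# the guards named above as optional parameters. Amounts are constructed.
WAD = 10**18

def simulate(first_deposit, donation, user_deposit, offset_decimals=None, seed=0):
    """Return (user_redeemable, donor_redeemable) after the sequence:
    seed -> first deposit -> direct asset transfer that mints no shares
    -> user deposit.
    offset_decimals=None: no virtual shares. An integer d models a
    virtual-share offset (10**d virtual shares, 1 virtual asset).
    seed: dead shares minted 1:1 to an unrecoverable address at deploy."""
    v_shares = 0 if offset_decimals is None else 10**offset_decimals
    v_assets = 0 if offset_decimals is None else 1
    supply = assets = seed

    def to_shares(amount):
        s, a = supply + v_shares, assets + v_assets
        # Empty unguarded vault bootstraps 1:1; otherwise round down.
        return amount if s == 0 or a == 0 else amount * s // a

    donor_shares = to_shares(first_deposit)
    supply += donor_shares
    assets += first_deposit
    assets += donation                  # balance grows, share supply does not
    user_shares = to_shares(user_deposit)
    supply += user_shares
    assets += user_deposit

    def to_assets(shares):
        return shares * (assets + v_assets) // (supply + v_shares)

    return to_assets(user_shares), to_assets(donor_shares)

def report(label, **guard):
    # Same inputs for every case: 1-unit first deposit, then 1e18 in, 1e18 user.
    user_out, donor_out = simulate(1, WAD, WAD, **guard)
    return {"case": label,
            "user_loss": WAD - user_out,
            "donor_pnl": donor_out - (1 + WAD)}

CASES = [
    report("no guard"),
    report("virtual offset 10^3", offset_decimals=3),
    report("dead shares, seed 1000", seed=1000),
]

if __name__ == "__main__":
    for row in CASES:
        print(row)
```

With either guard the later depositor's rounding loss stays below 0.1% of the deposit and the party that moved the exchange rate ends with less than it put in, which is the property a curator is checking for.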

**Green / Yellow / Red** Green: all share-based accounting systems in the protocol have a first-depositor guard implemented in code and verifiable on-chain. Yellow: some but not all share-based systems have guards, or guards exist for ERC-4626 vaults but not for cToken-style markets. Red: no first-depositor guards in any share-based accounting system, or guards exist in documentation but are not enforced in deployed code.

**Common gray cases** Protocols that deploy markets with a founding team deposit (non-code-enforced) may argue the risk is mitigated; the curator must verify whether the founding deposit is locked in a way that prevents withdrawal before user deposits arrive, not merely present at the time of assessment.

**Notable historical examples** No cross-hacked incidents are currently linked in the database for this factor.

Measurement: what to look for

Determine whether the vault has a first-depositor guard (seed deposit on deploy, virtual-share offset, or floor-check).

Data & output

**Data source** Source inspection + deploy transaction analysis for seed deposit on Etherscan-verified source

**Output format** Green / Yellow / Red

**Evidence artifact** Source excerpt of guard logic OR deploy tx showing seed deposit

**Confidence signal** green = explicit guard present (seed deposit confirmed on-chain OR virtual offset ≥10^3); yellow = protocol docs claim guard but on-chain evidence absent; red = no guard mechanism identifiable; gray = not an ERC-4626 vault (N/A) or source unverified

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-075 |
| --- | --- | --- |
| Aave v3 | ethereum | green |
| Across Protocol | ethereum | red |
| Aerodrome Finance | base | not_applicable |
| Axelar Network | ethereum | not_applicable |
| Babylon Protocol | bitcoin | not_applicable |
| Balancer (v2 + v3) | ethereum | yellow |
| Beefy Finance | ethereum | yellow |
| BENQI | avalanche | not_applicable |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | not_applicable |
| Cap (cUSD / stcUSD) | ethereum | green |
| Centrifuge | ethereum | gray |
| Chainlink CCIP | ethereum | not_applicable |
| Circle USYC | binance | not_applicable |
| Compound V3 (Comet) | ethereum | green |
| Concrete | ethereum | yellow |
| Convex Finance | ethereum | not_applicable |
| crvUSD (Curve Stablecoin) | ethereum | not_applicable |
| Curve Finance | ethereum | not_applicable |
| deBridge | ethereum | gray |
| Dolomite | ethereum | yellow |
| dYdX v4 (dYdX Chain) | dydx | not_applicable |
| EigenLayer | ethereum | not_applicable |
| Ethena | ethereum | green |
| ether.fi | ethereum | not_applicable |
| Euler V2 | ethereum | green |
| Falcon Finance | ethereum | gray |
| Fluid | ethereum | yellow |
| Frax Finance | ethereum | yellow |
| GMX v2 (GMX Synthetics) | arbitrum | green |
| Hyperlane | ethereum | yellow |
| Hyperliquid | arbitrum | not_applicable |
| Jito | solana | not_applicable |
| Jupiter | solana | not_applicable |
| Jupiter Perpetual Exchange | solana | not_applicable |
| JustLend DAO | tron | red |
| Kamino Lend | solana | not_applicable |
| Kinetiq | hyperliquid | not_applicable |
| Lido | ethereum | not_applicable |
| Liquid Collective (LsETH) | ethereum | not_applicable |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | not_applicable |
| Lista DAO | bsc | red |
| Lombard Finance | ethereum | gray |
| M^0 | ethereum | not_applicable |
| Maple Finance | ethereum | yellow |
| Marinade Finance | solana | not_applicable |
| Meteora | solana | not_assessed |
| mETH Protocol | ethereum | not_applicable |
| Midas | ethereum | not_applicable |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | yellow |
| Multipli | ethereum | yellow |
| Ondo Finance | ethereum | gray |
| OpenEden | ethereum | yellow |
| Orca | solana | not_applicable |
| PancakeSwap | bsc | not_applicable |
| Pendle Finance | ethereum | yellow |
| Polymarket | polygon | not_applicable |
| QuickSwap | polygon | not_applicable |
| Raydium | solana | not_applicable |
| Rocket Pool | ethereum | not_applicable |
| Sanctum | solana | not_applicable |
| Save (formerly Solend) | solana | green |
| Sky Lending (formerly MakerDAO) | ethereum | yellow |
| Spark Protocol | ethereum | yellow |
| Spiko | stellar | not_applicable |
| Stake DAO | ethereum | not_applicable |
| StakeWise v3 | ethereum | yellow |
| Stargate Finance | ethereum | gray |
| stHYPE (Valantis Labs) | hyperliquid | not_assessed |
| SUNSwap (sun.io) | tron | not_applicable |
| Superstate | ethereum | not_applicable |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | yellow |
| Symbiotic | ethereum | not_applicable |
| Synapse Protocol | ethereum | not_applicable |
| Uniswap (v2 + v3) | ethereum | not_applicable |
| USDD (Decentralized USD) | tron | not_applicable |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | not_applicable |
| Veda (BoringVault) | ethereum | yellow |
| Venus Protocol | bsc | yellow |
| Wormhole | ethereum | not_applicable |
| Yearn Finance | ethereum | yellow |

Linked hacks: no historical incidents linked

No historical incidents are linked to this factor.

rubric_version: v1.7.0 | factor: RD-F-075 | category: 4 | carried: 80 | critical: no