★ Bridge ecrecover checks result ≠ address(0)
Aave v3's assessment for RD-F-151 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
a.DI uses confirmation-counting across authorized bridge adapters, not `ecrecover`-based signature verification. The `ecrecover` vulnerability pattern (Wormhole/Poly class) requires a verifier contract that can accept `address(0)` from a malformed signature; a.DI does not use this pattern. CCIP uses Chainlink DON off-chain attestation. The Nomad/Wormhole `ecrecover` pattern is not present.
Sources
- GitHub: aave-delivery-infrastructure GitHub. a.DI CrossChainController — confirmation-counting, no ecrecover (retrieved 2026-04-27)
- T-10 Aave v3 F151 finding: T-10 §2.3.2 Cat 10 F151 GREEN (retrieved 2026-04-27)
Methodology
Determine whether the bridge verifier code rejects `ecrecover` returns of `address(0)`.
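One way to run this check over verifier source is sketched below. It is an added example, not the curator's tooling and not code from a.DI or any real bridge; the Solidity samples and the names `verify`, `guardian`, `confirm` and `onlyApprovedBridge` are constructed for illustration. It is a text heuristic that flags functions assigning an `ecrecover` result without comparing it to `address(0)`.

```python
import re

# Constructed Solidity samples (not from the a.DI code base or any real bridge).
WEAK = """
function verify(bytes32 h, uint8 v, bytes32 r, bytes32 s) external view returns (bool) {
    address signer = ecrecover(h, v, r, s);
    return signer == guardian; // true for a malformed signature if guardian is unset
}
"""
HARDENED = """
function verify(bytes32 h, uint8 v, bytes32 r, bytes32 s) external view returns (bool) {
    address signer = ecrecover(h, v, r, s);
    require(signer != address(0), "invalid signature");
    return signer == guardian;
}
"""
NO_ECRECOVER = """
function confirm(bytes32 id) external onlyApprovedBridge {
    confirmations[id] += 1;
}
"""

ASSIGN = re.compile(r"(\w+)\s*=\s*ecrecover\s*\(")

def split_functions(src):
    """Yield (name, body) for each function, using brace matching."""
    for m in re.finditer(r"function\s+(\w+)[^{;]*\{", src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), src[m.end():i - 1]

def unchecked_ecrecover(src):
    """Return names of functions that assign an ecrecover result and never
    compare it to address(0). Heuristic: text match only, no AST."""
    findings = []
    for name, body in split_functions(src):
        code = re.sub(r"//[^\n]*", "", body)  # ignore line comments
        for var in ASSIGN.findall(code):
            guard = re.compile(rf"\b{var}\s*(!=|==)\s*address\(0\)"
                               rf"|address\(0\)\s*(!=|==)\s*{var}\b")
            if not guard.search(code):
                findings.append(name)
    return findings
```

A verifier that never calls `ecrecover`, like the constructed confirmation-counting sample, produces no findings, which matches the reasoning behind the green score above.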
- rubric_version: v1.7.0
- protocol: aave-v3
- factor: RD-F-151
- score: green
- collected_at: 2026-04-27 23:28:46