Signed/unsigned arithmetic confusion

Axelar Network's assessment for RD-F-018 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Solidity 0.8.x enforces overflow/underflow protection by default (reverts on both). EVM contracts use 0.8.0+ (AxelarGateway) and 0.8.23 (GasService) and 0.8.19 (InterchainGovernance). ECDSA library uses standard uint8/bytes32 patterns. No signed/unsigned confusion finding in any of 13+ audit firm engagements.

Sources #

GitHub
AxelarGateway - Solidity 0.8.x Overflow ProtectionAxelarGateway.sol pragma ^0.8.0 - Solidity 0.8.x overflow protection appliesretrieved 2026-05-17

Methodology #

Determine whether signed-integer conversions or comparisons where unsigned was intended exist in the deployed bytecode/source.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol axelar factor RD-F-018 score green collected_at 2026-05-16 21:57:49