★ Audit scope mismatch

Babylon Protocol's assessment for RD-F-001 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Seven audit engagements span Phase-1 through V2 upgrade. OpenZeppelin April 2026 research found 4 live vulnerabilities — all confirmed fixed with merged PRs (#584, #1911, plus 2 additional fixes confirmed by OZ blog). V4 upgrade audited by Coinspect, Halborn, Oak Security (reports not publicly located but referenced on audit docs page). No deployed module revision with zero audit coverage confirmed.

Sources #

URL
State Changes at the Boundary: Lessons From Security Research on BabylonOpenZeppelin April 2026 security research blogretrieved 2026-05-04
URL
Audit Reports | Babylon DocsBabylon audit reports pageretrieved 2026-05-04
GitHub
fix: checkpointing handle mismatch type of injected txGitHub PR #1911 merged 2026-01-05 (type assertion fix)retrieved 2026-05-04
GitHub
fix: Panic can be triggered in handling livenessGitHub PR #584 merged 2026-02-27 (jailing bypass fix)retrieved 2026-05-04

Methodology #

Check whether the commit SHA cited in the audit report matches the bytecode deployed at the production proxy/implementation address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol babylon-protocol factor RD-F-001 score green collected_at 2026-05-04 19:43:27