Solc version used (known-bug versions flagged)
BENQI's assessment for RD-F-170 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Three compiler versions confirmed across BENQI components: (1) Core lending (Comptroller, qiTokens, Unitroller): Solidity 0.5.17 — confirmed by Snowtrace verification metadata for Comptroller 0x486Af39519B4Dc9a7fCcd318217352830E8AD9b4, verified 2021-11-02; (2) sAVAX StakedAvax.sol: pragma solidity 0.6.12 (confirmed from GitHub source); (3) Ignite contracts: Solidity 0.8.0+ (Dedaub 2023 audit: 'Solidity 0.8.0 or higher'). Checked against solc known-bugs list: Solidity 0.5.17 has no critical bugs relevant to the Compound V2 lending pattern (overflow protection handled by SafeMath.sol; no critical optimizer bugs for this contract type). 0.6.12 similarly stable. 0.8.x is modern. Green: no version on known-bug list with critical bugs relevant to the contract types deployed.
Sources #
- GitHubStakedAvax.sol — pragma 0.6.12StakedAvax.sol — pragma solidity 0.6.12 (confirmed from source)retrieved 2026-05-16
- Dedaub Ignite Audit — Solidity 0.8.0+Dedaub Ignite audit — Solidity 0.8.0 or higher used for Ignite contractsretrieved 2026-05-16
- Comptroller Snowtrace — compiler version 0.5.17BENQI Comptroller on Snowtrace — Solidity 0.5.17 verified 2021-11-02retrieved 2026-05-16
Methodology #
Identify the Solidity compiler version used for deployed bytecode and flag if it appears on the known-bug list (solc bugs.json or Vyper 0.2.15–0.3.0 range).
See the full factor methodology and distribution across all protocols →