BlackRock USD Institutional Digital Liquidity Fund (BUIDL)
SEC-registered Reg-D tokenized money-market fund investing 100% in US T-bills, overnight repos, and cash. Managed by BlackRock, tokenized by Securitize.
Deployments: Arbitrum · —
01 Risk profile at a glance
1 red · 4 yellow · 6 green
02 Categories & evidence
184 factors · 13 categories
Code & audits · Red · 83 · 25 of 25
RD-F-002 red · Audit recency · No smart contract audit covers the current BUIDL token contracts as deployed. CoinFabrik 2020 DSToken audit (commit b9e74fc) predates BUIDL launch by ~4 years and covers a different codebase. PwC audits the fund financials only. Days since last verifiable SC audit: >2000.
RD-F-004 red · Audit count · Zero public audit reports cover BUIDL token contracts as currently deployed. Etherscan audit tab states 'No contract security audit submitted.' No Tier-1/2 firm (OZ, ToB, Halborn, Hacken, Zellic) has published a BUIDL-specific audit. CoinFabrik 2020 covers an older DSToken version.
RD-F-024 red · Code complexity vs audit coverage · No audit covers the current BUIDL deployment. LOC/audit-day ratio cannot be computed. The Securitize DSToken platform (compliance, registry, trust, token, utils modules per CoinFabrik 2020 scope) is substantial in complexity. Without any audit, the code-complexity-vs-coverage gap is effectively infinite.
RD-F-001 yellow · Audit scope mismatch · Proxy 0x7712c342 verified on Etherscan (Solidity v0.8.13, exact match). Implementation 0x603Bb690 is NOT verified — source inaccessible. No audit PDF exists covering BUIDL deployed bytecode; CoinFabrik 2020 audit covers a different DSToken commit. Partial verification gap scored yellow.
RD-F-003 gray · Resolved-without-proof findings · No current audit PDF for deployed BUIDL contracts. CoinFabrik 2020 audit found no critical/medium findings (only minor items); all low-severity. This audit does not cover the current BUIDL deployment, so resolved-finding verification is moot.
RD-F-005 gray · Audit firm tier · No firm has audited the deployed BUIDL contracts. CoinFabrik (2020, prior DSToken) is a Tier-2 boutique. Since no current audit exists, audit firm tier cannot be rated. Gray: data unavailable.
RD-F-006 gray · Audit-to-deploy gap · No public audit of BUIDL contracts; audit-to-deploy gap cannot be computed. CoinFabrik 2020 audit predates the BUIDL deploy (2024-03-20) by ~4 years and covers a different codebase version.
RD-F-007 n/a · Bug bounty presence & max payout · [PD-042 rescore 2026-05-12, v1.7.0+] Bug-bounty programs are a DeFi norm that does not apply to a permissioned institutional issuer; cybersecurity for this protocol type lives in SOC / HackerOne-corporate channels outside the DeFi rubric. Scored not_applicable per PD-042 factor-flip catalog (Cat 1 RWA-issuer subset).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): No public bug bounty program for BUIDL or the Securitize tokenization platform. Immunefi returns no result. BlackRock HackerOne (hackerone.com/blackrock) covers corporate IT only, not smart contracts. No Cantina, Sherlock, or Code4rena contest found for BUIDL.
RD-F-008 gray · Ignored bounty disclosure · No prior on-chain exploits or published post-mortems for BUIDL. Cannot assess whether any disclosure was ignored. No incidents found in Rekt News, DeFiLlama hacks DB, or Halborn 2025 report.
RD-F-009 n/a · Formal verification coverage · [PD-042 rescore 2026-05-12, v1.7.0+] Formal verification proves trustless invariants; this protocol's token logic is trust-mediated by the regulated issuer, so the FV factor is structurally malformed for this protocol type. Scored not_applicable per PD-042 (Cat 1 RWA-issuer subset).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): No formal verification (Certora, Kani, Halmos) found for BUIDL contracts or the Securitize platform. No FV report or specification files found in any public repository. Securitize GitHub shows no FV files.
RD-F-010 gray · Static-analyzer high-severity count · Implementation 0x603Bb690 unverified on Etherscan; Slither/Mythril cannot be run. Proxy source is verified but minimal (4-function proxy, no complex logic). Full business-logic static analysis is not possible without implementation source.
RD-F-011 gray · SELFDESTRUCT reachable from non-admin path · Implementation source unverified; SELFDESTRUCT presence cannot be determined. Verified proxy source contains no SELFDESTRUCT.
RD-F-012 gray · delegatecall with user-controlled target · Implementation source unverified; cannot assess user-controlled delegatecall. Proxy uses delegatecall, but the target is set by the owner only (admin-controlled, not user-controlled).
RD-F-013 gray · Arbitrary call with user-controlled target · Implementation source unverified; cannot assess arbitrary call with user-controlled target.
RD-F-014 gray · Reentrancy guard on external-calling functions · Implementation source unverified; cannot assess reentrancy guard presence on external-calling functions.
RD-F-015 gray · ERC-777/1155/721 hook without reentrancy guard · Implementation source unverified; cannot assess hook/reentrancy patterns. BUIDL is a permissioned ERC-20, not ERC-777/1155/721, but periphery patterns cannot be ruled out.
RD-F-016 gray · Divide-before-multiply pattern · Implementation source unverified; divide-before-multiply pattern cannot be assessed via Slither.
RD-F-017 gray · Mixed-decimals math without explicit scaling · Implementation source unverified; mixed-decimals math without explicit scaling cannot be assessed.
RD-F-018 gray · Signed/unsigned arithmetic confusion · Implementation source unverified; signed/unsigned arithmetic confusion cannot be assessed.
RD-F-019 gray · ecrecover zero-address return unchecked · Implementation source unverified; ecrecover zero-address return check cannot be assessed.
RD-F-020 gray · EIP-712 domain separator missing chainId · Implementation source unverified; EIP-712 domain separator chainId cannot be assessed. Permissioned transfer token — signature-based flows not confirmed by profile, but cannot be ruled out.
RD-F-021 n/a · UUPS _authorizeUpgrade correctly permissioned · BUIDL uses a bespoke custom proxy (owner calls setTarget()), not the UUPS pattern. _authorizeUpgrade is not present.
RD-F-022 gray · Public initialize() without initializer modifier · Proxy uses a simple Solidity constructor (no initialize() function in verified proxy source). Implementation is unverified — cannot determine whether initialize() exists or carries the initializer modifier. Gray: cannot confirm or deny adverse pattern.
RD-F-023 gray · Constructor calls _disableInitializers() · Implementation source unverified; cannot determine presence of _disableInitializers() in constructor. Proxy constructor sets owner = msg.sender only — no initializer infrastructure needed in the proxy itself.
RD-F-183 gray · Bug bounty scope gap on highest-TVL contracts · No active bug bounty program exists (see RD-F-007). Per methodology: gray = no bug bounty program exists. Factor checks whether highest-TVL contracts are in scope — moot if there is no program.
Governance & admin · Yellow · 30 · 24 of 24
RD-F-025 yellow · Admin key custody type · [PD-042 rescore 2026-05-12, v1.7.0+] Single-administrator / no-multisig design is intentional architecture for a regulator-controlled tokenized issuer (the regulator is the counterparty-discipline mechanism). However, the residual operational risk of a single deployer-key compromise concentrating large fund-token authority is real, and the factor is downgraded to yellow rather than not_applicable to keep that signal visible. Per PD-042 (Cat 2 RWA-issuer subset, residual-risk treatment).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): Effective upgrade/owner role held by Securitize Deployer EOA (0xd69fefe5df62373dcbde3e1f9625cf334a2dae78) via a chain of custom proxy contracts. No multisig, no timelock. Classification: EOA with 2,939 txs, operational hot-wallet pattern.
RD-F-026 yellow · Upgrade multisig signer configuration (M/N) · DSToken role architecture defines ROLE_MASTER, ROLE_ISSUER, ROLE_TRANSFER_AGENT, ROLE_EXCHANGE — at least two Securitize addresses hold admin roles. Specific addresses not publicly disclosed; cannot enumerate holders without direct RPC getRoleMember() calls.
RD-F-027 yellow · Single admin EOA · [PD-042 rescore 2026-05-12, v1.7.0+] Single-administrator / no-multisig design is intentional architecture for a regulator-controlled tokenized issuer (the regulator is the counterparty-discipline mechanism). However, the residual operational risk of a single deployer-key compromise concentrating large fund-token authority is real, and the factor is downgraded to yellow rather than not_applicable to keep that signal visible. Per PD-042 (Cat 2 RWA-issuer subset, residual-risk treatment).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): BUIDL proxy and admin chain trace to Securitize Deployer EOA (0xd69fefe5). No public multisig disclosed. setTarget() and setOwner() callable by the EOA chain with no timelock. Etherscan confirms deployer label 'Securitize: Deployer' — EOA, 2,939 txs.
RD-F-030 yellow · Hot-wallet signer flag · Deployer EOA (0xd69fefe5) shows high-velocity tx behavior (2,939 txs across multiple contracts), consistent with hot-wallet operational use. No multisig identified, so the hot-wallet pattern applies to the admin key itself.
RD-F-034 yellow · Guardian/pause-keeper distinct from upgrader · DSToken ROLE_MASTER holds pause; ROLE_TRANSFER_AGENT holds freeze/unfreeze; ROLE_ISSUER holds mint/seize. These role constants are distinct by design. Whether they map to distinct *addresses* is unverified — actual role holders not publicly disclosed.
RD-F-035 yellow · Role separation: upgrade ≠ fee ≠ oracle · BUIDL has no oracle role. Upgrade role (setTarget) = proxy owner. No on-chain fee mechanism. Partial role separation exists (no oracle), but the upgrade role is single-key. Fee and oracle roles effectively absent.
RD-F-042 yellow · Admin has mint() with unlimited max · issueTokens() callable by ROLE_ISSUER; a cap() function exists in the implementation ABI, suggesting a supply ceiling. Current cap value not publicly readable without a direct RPC call. BUIDL supply ~$2.5B with no disclosed hard cap. Score yellow; if cap = max(uint256) → red.
RD-F-043 yellow · Admin = deployer EOA after 7 days · [PD-042 rescore 2026-05-12, v1.7.0+] Single-administrator / no-multisig design is intentional architecture for a regulator-controlled tokenized issuer (the regulator is the counterparty-discipline mechanism). However, the residual operational risk of a single deployer-key compromise concentrating large fund-token authority is real, and the factor is downgraded to yellow rather than not_applicable to keep that signal visible. Per PD-042 (Cat 2 RWA-issuer subset, residual-risk treatment).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): Securitize Deployer EOA (0xd69fefe5) created the BUIDL proxy 2024-03-01. 25+ months later the admin chain still traces back to this EOA. No setOwner events detected. Only 1 internal tx (creation). Admin = deployer EOA without independent multisig transfer.
RD-F-028 gray · Low-threshold multisig vs TVL · No multisig address publicly disclosed for BUIDL admin. Cannot compute threshold. At $2.5B TVL, peer norm would be ≥5-of-8. Absence of disclosure is itself a finding; underlying risk captured in RD-F-027 red.
RD-F-029 gray · Multisig signers co-hosted · Not assessable — no multisig identified. Co-hosting risk cannot be evaluated without a multisig address.
RD-F-031 gray · Signer rotation recency · No multisig identified; signer rotation not assessable. Securitize Deployer EOA shows no setOwner events on the BUIDL proxy since deploy — only 1 internal tx (creation) in 25-month history.
RD-F-032 n/a · Timelock duration on upgrades · [PD-042 rescore 2026-05-12, v1.7.0+] Timelock on admin actions is incompatible with the regulatory response model: the issuer must be able to act immediately on court-ordered freeze, sanctions compliance, or fund-rules changes. Scored not_applicable per PD-042 (Cat 2 RWA-issuer subset). Residual operational risk of key compromise is captured by multisig-coverage factors (yellow rather than N/A).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): No timelock. setTarget() callable directly by owner with no delay. Proxy source: function setTarget(address _target) external { require(msg.sender == _owner); emit ProxyTargetSet(_target); } — no TimelockController, no delay parameter.
RD-F-033 n/a · Timelock on sensitive actions · [PD-042 rescore 2026-05-12, v1.7.0+] Timelock on admin actions is incompatible with the regulatory response model: the issuer must be able to act immediately on court-ordered freeze, sanctions compliance, or fund-rules changes. Scored not_applicable per PD-042 (Cat 2 RWA-issuer subset). Residual operational risk of key compromise is captured by multisig-coverage factors (yellow rather than N/A).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): No timelock on any sensitive action (mint/pause/rescue/upgrade). All actions immediate via role-based access. DSToken ABI: issueTokens(), pause(), seize(), setTarget() — none route through a TimelockController. No timelock contract found on Etherscan for BUIDL.
RD-F-036 n/a · Flash-loanable voting weight · No on-chain governance. No governance token. No voting mechanism. Factor does not apply.
RD-F-037 n/a · Quorum achievable via single-entity flash loan · No on-chain governance exists. Quorum-via-flash-loan analysis not applicable.
RD-F-038 n/a · Proposal execution delay < 24h · No governance proposals. No Governor contract, no Snapshot space. Factor does not apply.
RD-F-039 n/a · delegatecall/call in proposal execution without allowlist · No governance proposals or executor contract. delegatecall-in-proposal check not applicable.
RD-F-040 n/a · Emergency-veto multisig present · No governance to veto. No on-chain cancel mechanism. Factor does not apply.
RD-F-041 n/a · Rescue/emergencyWithdraw without timelock · [PD-042 rescore 2026-05-12, v1.7.0+] Forcible seize / burn / retrieve-token paths are the defining feature of a regulated tokenized RWA, REQUIRED by KYC, sanctions, and court-order compliance regimes. Treating them as a rug-risk signal misframes the protocol type. Scored not_applicable per PD-042 (Cat 2 RWA-issuer subset).
  ORIGINAL EVIDENCE (preserved from v1.6.0 grading): seize() and omnibusSeize() allow ROLE_ISSUER to forcibly transfer tokens from any holder wallet. No timelock. Directly callable by admin. Etherscan ABI: seize(address _from, uint256 _amount) — no timelock wrapper. DSToken: 'Tokens can be seized from their owner's wallet.'
RD-F-044 gray · Admin wallet interacts with flagged addresses · No CTI/Chainalysis feed scan performed. Securitize is an SEC-registered transfer agent — no public evidence of illicit wallet interactions. Cannot rule out without a full cluster feed. Institutional context lowers the prior, but not assessable.
RD-F-045 n/a · Constructor args match governance proposal · No governance proposal for the BUIDL deploy exists. Institutional deployer, no DAO. BUIDL was deployed by Securitize without a community governance proposal.
RD-F-047 n/a · Governance token concentration (Gini) · No governance token. The BUIDL security token is not a governance token. No separate governance token exists.
RD-F-167 n/a · Deprecated contract paused but pause reversible by live admin · Factor targets deprecated surfaces specifically. No deprecated BUIDL contract identified as of 2026-04-26. Active-surface pause power is captured in RD-F-033/034.
RD-F-046 green · Contract unverified on Etherscan/Sourcify · BUIDL proxy (0x7712c342) and implementation (0x603Bb690) both source-verified on Etherscan with full ABI. Solidity v0.8.13+commit.abaa5c0e. Verification status: exact match.
Oracle & external dependencies · Yellow · 25 · 17 of 17
RD-F-048 yellow · Oracle providers used · BUIDL token contract does not call any on-chain oracle. RedStone Trusted Single Source Oracle (TSSO) is consumed by third-party DeFi integrators (Morpho, Spark). Securitize Fund Services is the sole authorized publisher. No Chainlink/Pyth multi-source fallback. Single-publisher architecture.
RD-F-049 yellow · Oracle role per asset · BUIDL/USD: Primary = RedStone TSSO (Securitize Fund Services publisher). No secondary or fallback source identified. TSSO design is explicitly single-source for regulated NAV data. Primary only, no secondary confirmed.
RD-F-050 yellow · Dependency graph (protocols depended upon) · Three material external dependencies: (1) Circle BUIDL Off-Ramp (0x31d3f59ad4aac0eee2247c65ebe8bf6e9e470a53) — on-chain USDC redemption; (2) Securitize platform — whitelist admin and transfer agent; (3) BNY Mellon — off-chain custodian. Dependencies documented, but some have no on-chain redundancy.
RD-F-051 yellow · Fallback behavior on oracle failure · BUIDL token contract has no on-chain oracle to fail. For downstream DeFi integrators using RedStone TSSO: no fallback source identified. If Securitize Fund Services fails to publish, the feed goes stale and DeFi integrators may freeze BUIDL collateral markets.
RD-F-052 yellow · Breakage analysis per dependency · Circle off-ramp fails: on-chain USDC redemption unavailable, BUIDL holders locked into TradFi T+2 redemption. Securitize platform fails: whitelist admin unavailable, peer-to-peer transfers freeze. BNY Mellon fails: NAV calculation disrupted. RedStone TSSO stales: DeFi integrators freeze BUIDL collateral.
RD-F-057 yellow · Circuit breaker on price deviation · No circuit breaker identified in BUIDL token contracts. The $1.00 NAV is designed stable; BUIDL token contracts do not halt transfers if NAV deviates. DeFi integrators' individual circuit breakers are those protocols' responsibility. No on-chain circuit breaker in BUIDL contracts.
RD-F-054 n/a · TWAP window duration · BUIDL does not use a TWAP oracle. RedStone TSSO is a push oracle with a daily NAV update cadence, not a TWAP window over a DEX pool.
RD-F-055 n/a · Oracle pool depth (USD) · No DEX pool feeds BUIDL's oracle. RedStone TSSO is a push oracle from an authorized off-chain source, not derived from DEX pool liquidity.
RD-F-056 n/a · Single-pool oracle (no medianization) · Single-pool DEX oracle medianization check not applicable. BUIDL uses no DEX oracle. Single-source publisher risk documented under RD-F-048.
RD-F-058 n/a · Max-deviation threshold (bps) · No circuit breaker exists in BUIDL contracts (RD-F-057 = no circuit breaker). Max-deviation threshold not configurable.
RD-F-059 n/a · Oracle staleness check present · No oracle read at the BUIDL token contract layer. Downstream DeFi integrators' staleness checks are those protocols' responsibility. The BUIDL token itself has no oracle staleness check to assess.
RD-F-060 n/a · Chainlink aggregator min/max bound misconfig · BUIDL does not use Chainlink. Chainlink aggregator min/max bound check not applicable.
RD-F-061 n/a · LP token balanceOf used for pricing · BUIDL is not an LP token and is not priced via balanceOf reads. Factor not applicable.
RD-F-180 gray · Immutable oracle address · BUIDL token contract itself consumes no oracle — the F180 immutability question does not arise at the BUIDL token layer. RedStone TSSO feed contract address not publicly disclosed; oracle address mutability cannot be confirmed. Risk at the DeFi integrator layer (Morpho, Spark) is those protocols' Cat 3 finding.
RD-F-181 n/a · Permissionless-pool lending oracle · BUIDL is an RWA token issuer, not a lending protocol. Permissionless-pool lending oracle check not applicable.
RD-F-053 green · Oracle source = spot DEX pool (no TWAP) · BUIDL does not use a spot DEX pool oracle. RedStone TSSO is a push oracle with an authorized publisher (Securitize Fund Services), not a DEX pool spot price read. The $1.00 NAV is maintained off-chain by regulated fund accounting. F053 trigger condition does not apply.
RD-F-062 green · External keeper/relayer not redundant · Circle off-ramp contract (0x31d3f59a) is not a keeper/relayer. BUIDL does not depend on Gelato, Chainlink Automation, or equivalent. Securitize platform administers whitelist operations; no automated keeper identified.
Economic risk · Yellow · 22 · 13 of 13
RD-F-064 yellow · TVL concentration (top-10 wallet share) · Top-10 holders control approximately 98% of supply. Total holder count ~100 across all chains. Ethereum primary chain: only 6 holders hold ~$1.12B. Expected for an institutional fund ($5M minimum investment), but a single large holder redemption could dominate daily redemption flow.
RD-F-065 yellow · Liquidity depth per major asset · BUIDL not traded on open AMMs. UniswapX institutional venue (Feb 2026) provides OTC liquidity for whitelisted investors via Wintermute/Flowdesk. Primary liquidity: Circle USDC Off-Ramp (0x31d3f59a) — 1:1 BUIDL→USDC, 24/7, minimum 250,000 USDC. Circle reserve capacity not publicly disclosed.
RD-F-066 n/a · Utilization rate (lending protocols) · BUIDL is a tokenized MMF, not a lending protocol. No borrow markets exist.
RD-F-067 n/a · Historical bad-debt events · No lending, no borrowing, no bad debt mechanism in BUIDL.
RD-F-068 n/a · Collateralization under stress · BUIDL is fully backed 1:1 by off-chain assets. No on-chain collateralization ratio exists.
RD-F-069 n/a · Algorithmic / under-collateralized stablecoin · BUIDL is not a stablecoin. $1.00 NAV maintained by BlackRock off-chain asset management, not by an algorithm.
RD-F-070 n/a · Empty cToken-style market (zero supply/borrow) · BUIDL is not a Compound V2 fork. No cToken markets, no share-inflation attack surface. Token accounting is simple ERC-20: 1 BUIDL = 1 USD, minted on subscription, burned on redemption. Critical flag not triggered.
RD-F-071 n/a · Seed-deposit requirement for new market listing · No market-listing mechanism. New investors subscribe through Securitize (KYC/AML whitelist), not through a market-listing governance process.
RD-F-072 n/a · Market-listing governance threshold · No market listings. Access is gated by the Securitize whitelist at the contract level.
RD-F-073 n/a · Oracle-manipulation-proof borrow cap · No borrow markets, no oracles used for pricing, no borrow caps. Not applicable.
RD-F-074 n/a · ERC-4626 virtual-share offset (OZ ≥4.9) · BUIDL is not an ERC-4626 vault. It is a transfer-restricted ERC-20 token. No virtual share offset needed.
RD-F-075 n/a · First-depositor / share-inflation guard · No vault share mechanics. BUIDL mints 1 token per $1.00 subscribed, directly by Securitize upon KYC/AML approval. No AMM, no vault, no first-depositor attack surface.
RD-F-063 green · TVL (current + 30d trend) · $2.50B TVL current; +15.41% over 30 days; 12-month peak ~$2.9B (June 2025). Trend is up. Fund experienced a -$447M drawdown in August 2025 but recovered. AUM = token supply at $1.00/token — BUIDL never deviates from $1.00 NAV.
Operational history · Green · 4 · 15 of 15
RD-F-084 yellow · TVL stability (CoV over 90d) · TVL trend strongly upward (+15% 30d, +31% prior month per rwa.xyz). CoV cannot be computed without the DeFiLlama daily series (fetch returned 403). Organic institutional inflow pattern suggests low CoV; yellow assigned pending exact σ/μ calculation.
RD-F-081 n/a · Post-exploit response score · No prior exploits. Post-exploit response score cannot be assessed where no incident exists.
RD-F-082 n/a · Post-mortem published within 30 days · No prior exploits. Post-mortem publication metric not applicable.
RD-F-083 n/a · Auditor re-engaged after last exploit · No prior exploits. Re-engagement of auditor after exploit not applicable.
RD-F-085 n/a · Incident response time (minutes) · No prior exploits. Incident response time metric not applicable.
RD-F-086 n/a · Pause activations (trailing 12 months) · BUIDL uses whitelist-based transfer restriction, not a DeFi-standard ERC-20 Pausable pattern. DeFi-taxonomy pause mechanism is N/A for this institutional security token architecture.
RD-F-087 n/a · Pause > 7 consecutive days · No DeFi-standard pause mechanism exists. Transfer restriction via whitelist removal does not constitute a 'pause' as defined in the taxonomy. Not applicable.
RD-F-089 gray · Insurance coverage active · DeFi insurance providers (Nexus Mutual, Sherlock, Unslashed) do not offer coverage for permissioned institutional security tokens. Factor is structural N/A-in-practice for this protocol type — the taxonomy lacks a formal carve-out for RWA issuers. BNY Mellon custody is a TradFi custodian arrangement. Curator note: scored gray not red per ops-history-analyst methodology issue flag.
RD-F-076 green · Protocol age (days) · ~767 days live (2024-03-20 to 2026-04-26). Exceeds the ≥365-day green threshold. Clears A-grade floor.
RD-F-077 green · Prior exploit count · 0 prior exploits. Hack DB search, rekt.news, DeFiLlama hacks API all return null for BUIDL. BlackRock 10-K (2025-02-25) states no material cybersecurity impact.
RD-F-078 green · Chronic-exploit flag (≥3 incidents) · Zero incidents — CHRONIC badge (≥3 same-root-cause exploits in 24 months) not triggered.
RD-F-079 green · Same-root-cause repeat exploit · Zero incidents — no same-root-cause repeat to assess.
RD-F-080 green · Days since last exploit · No incidents recorded; treated as >365 days since last exploit (green threshold).
RD-F-088 green · Re-deployed to new addresses in last year · No full redeployment in the last 12 months. BNB Chain share class (Nov 2025) is additive, not a replacement. Primary Ethereum contract at 0x7712c342 remains in place since its 2024-03-01 creation.
RD-F-166 green · Deprecated contracts still holding value · No deprecated contracts. All eight chain deployments are active and growing. No share class has been deprecated or sunset as of 2026-04-26.
Real-time signals · Green · 0 · 22 of 22
RD-F-090 n/a · Mixer withdrawal → protocol interaction · KYC/AML whitelist structurally eliminates the mixer-funded wallet interaction path. All BUIDL holders are KYC/AML-verified by Securitize. No DeFi-native permissionless interaction surface.
RD-F-091 n/a · Partial-drain test transactions · No permissionless withdrawal mechanism. Redemptions are institutional subscription/redemption processed off-chain. No partial-drain test pattern possible from an anonymous actor.
RD-F-092 gray · Unusual mempool pattern from deployer wallet · Deployer wallet is a Securitize operational address. Baseline mempool behavior not established. Applicable in theory (any unusual deploy/admin tx sequence would appear in the mempool), but no anomalous pattern detected.
RD-F-093 n/a · Abnormal gas-price willingness from attacker wallet · KYC whitelist prevents attacker wallet interaction with BUIDL contracts. Only whitelisted wallets can transact. Abnormal gas-price signal inapplicable.
RD-F-094 gray · New contract with similar bytecode to exploit template · Theoretically applicable — a malicious actor could deploy a contract mimicking BUIDL's bytecode to phish investors. No such deployment detected in public monitoring. Applicable as a phishing-platform vector, not a protocol-attack vector.
RD-F-095 n/a · Known-exploit function-selector replay · BUIDL is not a forked DeFi protocol with known exploit templates. Proprietary Securitize platform — no known exploit template in public exploit databases for this codebase.
RD-F-096 n/a · New ERC-20 approval to unverified contract from whale · BUIDL transfer restrictions constrain the standard ERC-20 approval mechanism. Institutional custody standards further mitigate. Signal inapplicable.
RD-F-097 n/a · Sybil surge of identical-pattern transactions · BUIDL KYC/AML whitelist means each address must pass institutional KYC individually — structural Sybil resistance. Sybil patterns affecting DeFi governance cannot apply to BUIDL's whitelisted architecture.
RD-F-099 n/a · Oracle price deviation >X% from secondary · No on-chain oracle. NAV is $1.00, maintained off-chain by BlackRock/BNY Mellon. No Chainlink, Pyth, or DEX oracle used. Oracle price deviation signal inapplicable.
RD-F-100 n/a · Flash loan >$10M targeting protocol tokens · KYC whitelist prevents any flash-loan interaction. No AMM pool holding BUIDL is publicly accessible. Flash-loan attack surface does not exist.
RD-F-101 n/a · Large governance proposal queued · No on-chain governance. No Governor contract, no Snapshot space, no DAO. Admin rights held via contract owner(). No governance proposal signal applicable.
RD-F-103 gray · Bridge signer-set change proposed/executed · Wormhole is the designated cross-chain interoperability provider. No confirmed user-facing Wormhole bridge endpoints for BUIDL documented. Each chain is a separately issued share class. Wormhole general guardian set shows no unscheduled changes.
RD-F-104 gray · Stablecoin depeg >2% on shared-LP venue · BUIDL portfolio is US T-bills + overnight repo — no stablecoin exposure in fund assets. Circle off-ramp uses USDC; if USDC depegged, the redemption path would be impaired but fund NAV unaffected. USDC depeg threshold (≥5% TVL exposure to depegging stable) not met for core architecture.
RD-F-106 n/a · Cross-chain bridge unverified mint pattern · Each BUIDL chain deployment is a separately issued share class, not bridge-minted. The deposit-on-src, mint-on-dst-without-proof attack pattern does not apply.
RD-F-107 gray · Admin EOA signing from new geography/device · Requires off-chain signing telemetry (device fingerprint, geography) — not available through public on-chain data. Securitize is a regulated entity with institutional security practices (MFA, hardware tokens expected).
RD-F-108 n/a · GitHub force-push to sensitive branch · No public GitHub repository exists for BUIDL or the Securitize tokenization platform. GitHub force-push signal requires public repo access. Not applicable for a closed-source proprietary platform.
RD-F-109 gray · Social-media impersonation scam spike · BlackRock and Securitize have official X accounts. No BUIDL-specific Discord or Telegram. BlackRock's fraud warning page acknowledges impersonation risk. No confirmed social media scam spike targeting BUIDL investors found.
RD-F-110 n/a · Unusual pending/executed proposal ratio · No on-chain governance proposals exist. Pending/executed proposal ratio signal requires a governance contract. Not applicable.
RD-F-182 gray · Security-Council threshold reduction (RT) · Admin architecture not confirmed as multisig. No Security Council or multisig with published threshold parameters exists publicly for BUIDL. If owner() resolves to a multisig, the threshold-reduction signal would become applicable. Governance-admin-analyst confirmed the owner chain is EOA-controlled (RD-F-027 red).
RD-F-098 green · TVL anomaly — % drop in <1h · TVL ~$2.503B, trend +15.41% over 30 days (rwa.xyz, mid-April 2026). No anomalous drop. Threshold: TVL_now / TVL_baseline_30d < 0.70 within 60 min. Current delta is positive.
RD-F-102 green · Admin/upgrade transaction in mempool · Ethereum proxy setTarget() and setOwner() callable by owner() — would appear in the mempool. No anomalous admin tx detected in recent Etherscan history as of 2026-04-26. Signal applicable; no current anomaly.
RD-F-105 green · DNS/CDN/frontend hash drift · Securitize.io is the primary investor portal. No DNS drift or SSL certificate anomaly detected via public CT logs as of 2026-04-26. Securitize uses enterprise-grade hosting. No confirmed typosquat or impersonator domain found.
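The two TVL monitoring rules this profile states, the σ/μ coefficient of variation over a 90-day daily series (RD-F-084) and the TVL_now / TVL_baseline_30d < 0.70 within 60 min drop threshold (RD-F-098), implemented as an added Python example that is not part of the original profile or its methodology code. The daily series and the intra-hour snapshots are constructed here; the 30-day baseline is taken as the mean of the trailing 30 daily values, which is an assumption of this example.

```python
"""Added example: the two TVL rules from RD-F-084 and RD-F-098 over constructed data."""
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class Snapshot:
    ts_minutes: int      # minutes since an arbitrary epoch (constructed)
    tvl_usd: float       # TVL observed at that instant (constructed)


# Constructed 90-day daily TVL series: a steady ramp from 2.2B, no shocks.
# Not BUIDL's real series (the profile notes the DeFiLlama fetch returned 403).
DAILY_TVL = [2.2e9 + 0.003e9 * day for day in range(90)]

# Constructed intra-hour snapshots for the RD-F-098 rule.
FAST_DROP = [Snapshot(0, 2.45e9), Snapshot(20, 2.40e9), Snapshot(45, 1.60e9)]
SLOW_DROP = [Snapshot(0, 2.00e9), Snapshot(200, 1.60e9)]   # same fall, 200 min apart
STEADY = [Snapshot(0, 2.45e9), Snapshot(30, 2.46e9), Snapshot(60, 2.45e9)]


def coefficient_of_variation(daily_tvl: Sequence[float],
                             window_days: int = 90) -> Optional[float]:
    """RD-F-084: CoV = sigma / mu over the trailing `window_days` daily values.

    Returns None when the series is shorter than the window, mirroring the
    profile's 'cannot be computed without the daily series' outcome.
    """
    if len(daily_tvl) < window_days:
        return None
    window = daily_tvl[-window_days:]
    mu = mean(window)
    if mu == 0:
        return None
    return pstdev(window) / mu


def baseline_30d(daily_tvl: Sequence[float]) -> float:
    """Assumed baseline for RD-F-098: mean of the trailing 30 daily values."""
    if len(daily_tvl) < 30:
        raise ValueError("need at least 30 daily values for a 30-day baseline")
    return mean(daily_tvl[-30:])


def tvl_drop_alert(snapshots: Sequence[Snapshot], baseline: float,
                   ratio: float = 0.70,
                   window_minutes: int = 60) -> Optional[Tuple[int, int, float]]:
    """RD-F-098: alert when TVL_now / baseline < `ratio` AND some snapshot at most
    `window_minutes` earlier was still at or above `ratio`, i.e. the threshold
    was crossed inside the hour. A slow slide below 0.70 does not fire.

    Returns (earlier_ts, crossing_ts, ratio_now) for the first crossing, else None.
    """
    ordered = sorted(snapshots, key=lambda s: s.ts_minutes)
    for i, now in enumerate(ordered):
        ratio_now = now.tvl_usd / baseline
        if ratio_now >= ratio:
            continue
        # Walk backwards through the preceding hour looking for a pre-drop reading.
        for prev in reversed(ordered[:i]):
            if now.ts_minutes - prev.ts_minutes > window_minutes:
                break
            if prev.tvl_usd / baseline >= ratio:
                return (prev.ts_minutes, now.ts_minutes, ratio_now)
    return None


if __name__ == "__main__":
    base = baseline_30d(DAILY_TVL)
    print("CoV over 90d:", coefficient_of_variation(DAILY_TVL))
    print("30d baseline:", base)
    print("fast drop  ->", tvl_drop_alert(FAST_DROP, base))
    print("slow drop  ->", tvl_drop_alert(SLOW_DROP, base))
    print("steady     ->", tvl_drop_alert(STEADY, base))
```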
Dev identity & insider risk Green 3 16 of 16
RD-F-123 yellow Sudden admin-rescue/ACL change without discussion Proxy exposes setTarget() and setOwner() with no timelock; no public governance forum or GitHub. Any upgrade occurs without public discussion by design. Securitize is SEC-regulated with internal change-management — not the insider-implant class this factor targets. Yellow: institutional-substitute controls. RD-F-116 n/a Contributor tenure at admin-permissioned PR No public GitHub repo for BUIDL. Securitize has operated since 2017; admin changes executed by staff with multi-year tenure at a regulated entity. N/A for institutional issuer. RD-F-117 n/a ENS/NameStone identity bound to deployer Institutional deployers do not bind ENS names. No ENS resolution found for BUIDL proxy contract address. RD-F-119 n/a Commit timezone consistent with stated geography No public repository. Timezone commit anomaly flag inapplicable without commit history. N/A for institutional issuer.
RD-F-111 green Team doxx status Both principal operators fully doxxed. BlackRock: NYSE public company (BLK), CEO Larry Fink, Head of Digital Assets Robbie Mitchnick. Securitize: SEC-registered, Founders Carlos Domingo (CEO), Jamie Finn (President), Shay Finkelstein (CTO).
RD-F-112 green Team public accountability surface Extensive accountability surface. Carlos Domingo: US Congressional testimony 2024-06-05, CoinDesk Most Influential 2025. Robbie Mitchnick: CNBC video appearances, AIMA board. Multi-year verifiable professional histories.
RD-F-113 green Team other-protocol involvement history No prior DeFi protocol involvement. Securitize co-founders from enterprise tech (AT&T, Telefonica, O2, Ericsson) and venture (SPiCE VC). BlackRock digital assets team are TradFi professionals. No rug or failed DeFi protocol association.
RD-F-114 green Deployer address prior on-chain history Securitize platform deploys multiple tokenized funds (Apollo, Hamilton Lane, VanEck). Deployer history reflects institutional tokenization activity. No rug-deployer label found.
RD-F-115 green Prior rug/exit-scam affiliation None. Securitize operated since 2017, processed multiple institutional tokenized fund launches, proceeding toward Nasdaq listing (SECZ SPAC). BlackRock is a 37-year-old publicly traded asset manager.
RD-F-118 green Handle reuse across failed/rugged projects No handle reuse found. Securitize @Securitize (X) and Carlos Domingo @carlosdomingo (X) are longstanding accounts associated with consistent institutional identity since 2017.
RD-F-120 green Video-off/voice-consistency flag Robbie Mitchnick (CNBC video 2026-03-12, on-camera) and Carlos Domingo (Bloomberg video 2024-07-09) have extensive on-camera appearances with consistent real-world identities. No video-off or inconsistency flag.
RD-F-121 green Contributor OSINT depth score Score 5/5 for all identified principals. Carlos Domingo and Robbie Mitchnick both have multi-year LinkedIn histories, conference appearances, published interviews, and congressional testimony records.
RD-F-122 green Contributor paid to DPRK-cluster wallet No contributor-payment trail to a DPRK cluster. Securitize pays staff in fiat through regulated payroll; there is no on-chain contributor payroll to trace, and employer OFAC screening makes a ≤3-hop DPRK routing path implausible.
RD-F-124 green Deployer wallet mixer-funded within 30 days No mixer interaction found. Securitize is an SEC-registered, AML-obligated entity; mixer-sourced deployer funding would be inconsistent with those obligations. Contract deployed 2024-03-01 by Securitize's institutional platform wallet.
RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus No DPRK/Lazarus proximity. Both operators are US-domiciled, SEC-regulated, with mandatory OFAC screening. BlackRock is NYSE-listed (BLK). Securitize in active Nasdaq SPAC registration (SECZ) with SEC S-4 filings reviewed by regulators.
RD-F-184 green Real-capital social-engineering persona BlackRock ($10T AUM, NYSE-listed) and Securitize (SEC-registered, pending Nasdaq listing) are maximally disclosed regulated entities. Factor targets anonymous personas building credibility before social-engineering attacks — not applicable for fully doxxed institutional operators.
Fork / dependency lineage Gray 0 10 of 10
RD-F-126 n/a Is-a-fork-of BUIDL is not a fork of any DeFi protocol. The Securitize DSToken is an original proprietary digital-securities protocol; no bytecode similarity to a known DeFi upstream found.
RD-F-127 n/a Upstream patch not merged Not applicable: no upstream fork source. DSToken is original Securitize IP with no upstream security-patch advisory feed to monitor.
RD-F-128 n/a Upstream vulnerability disclosure (last 90d) Not applicable: no upstream DeFi protocol. Securitize's own DSToken platform has no public security advisory feed.
RD-F-129 n/a Code divergence from upstream (%) Not applicable: no upstream fork point to diff against.
RD-F-130 n/a Fork depth (generations from original audit) Not applicable: BUIDL is not a fork. Depth = 0 (original); metric is moot.
RD-F-131 n/a Fork retains upstream audit coverage Not applicable: not a fork. The relevant audit-coverage question is addressed in Cat 1 (RD-F-004: zero audits of deployed code).
RD-F-132 n/a Fork has different economic parameters than upstream Not applicable: not a fork. No upstream audited defaults to compare against.
RD-F-133 gray Dependency manifest uses unpinned versions No public repository or manifest (package.json / foundry.toml) found for the BUIDL contracts. Securitize's GitHub shows dstoken and bc-dstoken-class-swap-sc using Hardhat/TypeScript, but the BUIDL deployment manifest is not publicly accessible, so version pinning cannot be determined.
RD-F-134 gray Dependency had malicious-release incident (last 90d) No public dependency manifest accessible for the BUIDL contracts. Cannot check npm/GHSA advisories against installed dependency versions.
RD-F-135 gray Shared-library version with known-vuln status No public manifest found; OZ/Solady versions in use cannot be determined. The verified proxy is raw Solidity 0.8.13 with no OZ library imports visible in its minimal 4-function source. Implementation source unverified.
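The RD-F-133 check itself, as an added example (not Securitize code, and not run against the BUIDL manifest, which the page says is not public): classify every specifier in a Hardhat-style package.json as exact, git-pinned-by-commit, git-pinned-by-tag/branch, or a floating range, and grade the result. The manifest below is a constructed stand-in. A Foundry project keeps dependencies as git submodules instead, so the equivalent check there is that each lib/ submodule resolves to a commit rather than a branch.

```python
"""Flag unpinned dependency specifiers in an npm-style manifest.

Added example for RD-F-133; not Securitize code. SAMPLE_MANIFEST is a
constructed stand-in, since no BUIDL manifest is public.
"""
import json
import re

SEMVER_EXACT = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")
GIT_SHA = re.compile(r"^[0-9a-f]{40}$")
GIT_PREFIXES = ("github:", "gitlab:", "bitbucket:", "git+", "git://", "http://", "https://")
GIT_SHORTHAND = re.compile(r"^[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+(?:#.*)?$")  # owner/repo[#ref]


def classify_specifier(spec: str) -> str:
    """'pinned', 'git-pinned', 'git-unpinned' or 'range' for one package.json value."""
    spec = spec.strip()
    if SEMVER_EXACT.match(spec):
        return "pinned"
    if spec.startswith(GIT_PREFIXES) or GIT_SHORTHAND.match(spec):
        ref = spec.split("#", 1)[1] if "#" in spec else ""
        # A tag or branch can be moved after the fact; only a full commit hash is immutable.
        return "git-pinned" if GIT_SHA.match(ref) else "git-unpinned"
    return "range"  # ^, ~, >=, *, latest, x-ranges, hyphen ranges, empty string


def audit_manifest(manifest: dict, has_lockfile: bool) -> dict:
    """Collect floating specifiers and grade them on the page's colour scale."""
    findings = []
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in manifest.get(section, {}).items():
            kind = classify_specifier(spec)
            if kind in ("range", "git-unpinned"):
                findings.append({"section": section, "name": name, "spec": spec, "kind": kind})
    if not findings:
        verdict = "green"
    elif has_lockfile:
        verdict = "yellow"  # `npm ci` is reproducible, but any lockfile refresh re-floats
    else:
        verdict = "red"
    return {"unpinned": findings, "verdict": verdict}


# Constructed sample manifest; the commit hash is a made-up placeholder.
SAMPLE_MANIFEST = json.loads("""
{
  "dependencies": {
    "@openzeppelin/contracts": "^4.8.0",
    "hardhat": "2.12.7",
    "solmate": "github:transmissions11/solmate#v6",
    "ds-test": "https://github.com/dapphub/ds-test.git#0123456789abcdef0123456789abcdef01234567"
  },
  "devDependencies": {"typescript": "~5.0.0"}
}
""")

if __name__ == "__main__":
    print(json.dumps(audit_manifest(SAMPLE_MANIFEST, has_lockfile=False), indent=2))
```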
Post-deploy hygiene & change mgmt Green 13 13 of 13
RD-F-139 yellow Post-audit code changes without re-audit Cyfrin audited 10 Securitize platform components (Jul 2024–Aug 2025); Halborn audited the DSToken framework (Sept 2025). Neither specifically scopes the BUIDL Ethereum implementation (0x603Bb690) at its deployed commit SHA. No post-deploy upgrade events detected. The framework audits partially cover the codebase, but no BUIDL-specific audit with a confirmed bytecode match exists.
RD-F-142 yellow Storage-layout collision risk across upgrades The custom proxy pattern (setTarget()) does not follow OZ Transparent or UUPS storage-layout conventions. Storage-layout compatibility has not been formally validated and no OZ upgrades-plugin report exists. No upgrade has occurred that would exercise a collision. Low urgency given zero upgrade history.
RD-F-143 yellow Reinitializable implementation (no _disableInitializers) DSToken v4 exposes an initialized() guard in its ABI, suggesting an initialization lock. Whether the implementation's constructor calls OZ's _disableInitializers() cannot be confirmed from the ABI alone. The custom proxy's setTarget() mechanism reduces direct re-init risk relative to standard UUPS. Conservative score: yellow; if _disableInitializers() is absent from the constructor, red.
RD-F-136 gray Deployed bytecode matches signed release tag No public GitHub repository for the BUIDL token contracts and no signed release tag, so bytecode reproducibility cannot be verified. Etherscan shows verified proxy source with no matching repo commit SHA; the implementation is unverified.
RD-F-140 gray Fix-merged-but-not-deployed gap No public repo; not assessable. Cannot compare merged PRs to deployed bytecode.
RD-F-144 n/a CREATE2 factory permits same-address redeploy The BUIDL proxy was not deployed via a CREATE2 factory (deployed directly by the Securitize deployer EOA via standard CREATE). Factor not applicable.
RD-F-145 gray Deployed bytecode reproducibility No public repo. Cannot reproduce bytecode from public source. Not assessable.
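The validation RD-F-142 says is missing, as an added example (not Securitize code and not run on BUIDL, whose implementation source is unverified): diff the `solc --storage-layout` JSON of the current implementation against the candidate and refuse the upgrade while any slot would be reinterpreted. The two layouts below are constructed stand-ins using variable names that match the page's setOwner/setTarget; the real layouts can only be produced by whoever holds the source.

```python
"""Diff two `solc --storage-layout` outputs for upgrade-unsafe changes.

Added example for RD-F-142; not Securitize code. OLD / NEW_* layouts are
constructed stand-ins in the shape solc emits ("storage" + "types").
"""


def index_layout(layout: dict) -> dict:
    """Map (slot, offset) -> (label, type label, byte size)."""
    types = layout["types"]
    out = {}
    for var in layout["storage"]:
        t = types[var["type"]]
        out[(int(var["slot"]), int(var["offset"]))] = (var["label"], t["label"], int(t["numberOfBytes"]))
    return out


def diff_storage_layout(old: dict, new: dict) -> list:
    """Findings with severity 'fail' (existing state would be misread) or 'review'."""
    old_idx, new_idx = index_layout(old), index_layout(new)
    findings = []
    for key, (label, typ, size) in old_idx.items():
        if key not in new_idx:
            findings.append({"severity": "fail", "kind": "removed-or-moved", "slot": key, "var": f"{label}:{typ}"})
            continue
        nlabel, ntyp, nsize = new_idx[key]
        if (ntyp, nsize) != (typ, size):
            findings.append({"severity": "fail", "kind": "type-changed", "slot": key,
                             "var": f"{label}:{typ} -> {nlabel}:{ntyp}"})
        elif nlabel != label:
            findings.append({"severity": "review", "kind": "renamed", "slot": key, "var": f"{label} -> {nlabel}"})
    last_old = max((s for s, _ in old_idx), default=-1)
    for key, (label, typ, _) in new_idx.items():
        if key not in old_idx and key[0] <= last_old:
            # New variable packed into spare bytes of a slot that already existed:
            # safe only if those bytes were never written, so flag for review.
            findings.append({"severity": "review", "kind": "packed-into-existing-slot", "slot": key,
                             "var": f"{label}:{typ}"})
    return findings


def upgrade_safe(old: dict, new: dict) -> bool:
    return not any(f["severity"] == "fail" for f in diff_storage_layout(old, new))


# Constructed layouts (not BUIDL's); variable names only mirror the page's setOwner/setTarget.
TYPES = {
    "t_address": {"label": "address", "numberOfBytes": "20"},
    "t_uint256": {"label": "uint256", "numberOfBytes": "32"},
    "t_mapping(t_address,t_bool)": {"label": "mapping(address => bool)", "numberOfBytes": "32"},
}


def layout(*vars_):
    """Build a solc-shaped layout from (label, type, slot, offset) tuples."""
    return {"storage": [{"label": l, "type": t, "slot": str(s), "offset": o} for l, t, s, o in vars_],
            "types": TYPES}


OLD = layout(("owner", "t_address", 0, 0), ("target", "t_address", 1, 0), ("totalSupply", "t_uint256", 2, 0))
NEW_APPENDED = layout(("owner", "t_address", 0, 0), ("target", "t_address", 1, 0),
                      ("totalSupply", "t_uint256", 2, 0), ("whitelist", "t_mapping(t_address,t_bool)", 3, 0))
NEW_INSERTED = layout(("owner", "t_address", 0, 0), ("whitelist", "t_mapping(t_address,t_bool)", 1, 0),
                      ("target", "t_address", 2, 0), ("totalSupply", "t_uint256", 3, 0))

if __name__ == "__main__":
    for f in diff_storage_layout(OLD, NEW_INSERTED):
        print(f)
```

Appending `whitelist` after the last slot passes; inserting it before `target` shifts every later variable, so after setTarget() the proxy would read `target` where `totalSupply` used to be. The OZ upgrades plugin performs this comparison automatically for its own proxy patterns; the custom setTarget() proxy gets no such guard unless the operator runs one.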
RD-F-185 gray Bridge rate-limiter / chain-pause as positive mitigant Wormhole is Securitize's cross-chain interoperability provider for BUIDL share-class conversions. BUIDL per-chain deployments are separate share classes (not bridge-wrapped). No per-window outflow rate-limiter documented for BUIDL-specific Wormhole integration. No chain-pause capability documented. Factor targets user-facing bridge protocols; BUIDL architecture is admin-mediated institutional settlement.
RD-F-137 green Upgrade frequency (per 90 days) No ProxyTargetSet or implementation upgrade events detected since BUIDL proxy creation (2024-03-01). Only 1 internal tx (creation). Current implementation 0x603Bb690 appears to be original — no upgrades in 25 months.
RD-F-138 green Hot-patch deploys without timelock (last 30 days) No upgrade events in last 30 days (or ever). Zero hot-patch events observed in full 25-month BUIDL history.
RD-F-141 green Test-mode parameters in deploy The initialized() state variable, readable from the implementation, confirms the token was initialized. No test oracle or infinite-allowance test configuration found in the ABI. The DSToken deploy pattern is production-standard; no test-mode indicators visible.
RD-F-146 green New contract deploys in last 30 days No new BUIDL Ethereum contract deploys in last 30 days detected. Existing multi-chain share classes are stable. BNB Chain address gap noted from profile but not a fresh Ethereum deploy.
RD-F-168 green Stale-approval exposure on deprecated router BUIDL's transfer restrictions enforce that only whitelisted wallets can hold BUIDL. Standard ERC-20 stale approval risk is structurally mitigated. No deprecated BUIDL router identified.
Cross-chain & bridge Gray 0 12 of 12
RD-F-147 n/a Protocol has bridge surface Cat 10 N/A. Each chain deployment is a separately issued Securitize share class; Wormhole is used for admin-mediated share-class conversion, not as a user-facing DeFi bridge. No open TVL in bridge contracts.
RD-F-148 n/a Bridge validator count (M) Cat 10 N/A. Not a bridge-facing protocol.
RD-F-149 n/a Bridge validator threshold (k-of-M) Cat 10 N/A. Not a bridge-facing protocol.
RD-F-150 n/a Bridge validator co-hosting Cat 10 N/A. Not a bridge-facing protocol.
RD-F-151 n/a Bridge ecrecover checks result ≠ address(0) Cat 10 N/A. Not a bridge-facing protocol.
RD-F-152 n/a Bridge binds message to srcChainId Cat 10 N/A. Not a bridge-facing protocol.
RD-F-153 n/a Bridge tracks nonce-consumed mapping Cat 10 N/A. Not a bridge-facing protocol.
RD-F-154 n/a Default bytes32(0) acceptable as valid root Cat 10 N/A. Not a bridge-facing protocol.
RD-F-155 n/a Bridge validator-set rotation recency Cat 10 N/A. Not a bridge-facing protocol.
RD-F-156 n/a Bridge uses same key custody for >30% validators Cat 10 N/A. Not a bridge-facing protocol.
RD-F-157 n/a Bridge TVL per validator ratio Cat 10 N/A. Not a bridge-facing protocol.
RD-F-179 n/a LayerZero OFT DVN config (count, threshold, diversity) Cat 10 N/A. BUIDL is not a bridge-touching protocol; each chain deployment is a separately issued Securitize share class, and Wormhole enables admin-mediated share-class conversion only, not user-facing bridging.
Threat intelligence & recon Green 8 8 of 8
RD-F-161 yellow Protocol-impersonator domain registered (typosquat) BlackRock maintains a corporate fraud-warning page acknowledging that fraudsters create lookalike domains. No specific BUIDL-impersonating typosquat domain confirmed by web search (2026-04-26). The institutional investor audience (minimum $5M investment) reduces phishing efficacy. Yellow: acknowledged risk, no confirmed active instance.
RD-F-160 n/a GitHub malicious-dependency incident touching protocol deps No public GitHub repository for BUIDL or the Securitize tokenization platform. GitHub security advisory monitoring is not applicable to a closed-source proprietary platform.
RD-F-162 n/a Known-exploit-template selector deployed by any address No known exploit templates target BUIDL's bespoke Securitize codebase; proprietary code with no public exploit-template history.
RD-F-163 gray Avg attacker reconnaissance time for peer-class protocols For institutional RWA issuers the applicable reconnaissance pattern is social engineering against Securitize employees or a supply-chain attack on the Securitize platform, not on-chain wallet reconnaissance, since on-chain access is whitelisted. No average institutional reconnaissance window is established in the hack database for this protocol class.
RD-F-165 n/a Protocol social channel has scam-coordinator flag No official BUIDL Discord or Telegram channel exists; scam-coordinator flag not applicable without community channels.
RD-F-158 green Known-threat-actor cluster has touched protocol KYC/AML whitelist prevents known-threat-actor wallets from interacting with BUIDL contracts. OFAC-listed addresses are structurally excluded by Securitize's compliance process. Securitize is a regulated US transfer agent with mandatory OFAC compliance obligations.
RD-F-159 green Attacker wallet pre-strike probe (low-gas failing txs) KYC whitelist causes transfer revert for non-whitelisted wallets. Low-gas failing txs from non-whitelisted wallets would revert before any protocol state is affected. Structural protection confirmed from Etherscan contract inspection.
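Detection logic for the RD-F-159 signal, as an added example (not Securitize tooling): for a whitelisted-transfer token every stray call from an unlisted wallet reverts, so a single revert is noise; the signal is one sender producing a burst of cheap reverts across several selectors inside a short window. The records are constructed stand-ins for an Etherscan/RPC export of transactions to the proxy, and the field names are assumptions.

```python
"""Flag senders whose repeated reverted, low-gas calls look like pre-strike probes.

Added example for RD-F-159; not Securitize tooling. SAMPLE_TXS are
constructed records; field names (from, to, status, gas, timestamp, input)
are assumptions about the export format.
"""
from collections import defaultdict


def detect_probes(txs, target, window_s=3600, min_reverts=3, low_gas=60_000):
    """One alert per sender with >= min_reverts reverts to `target` inside any window."""
    by_sender = defaultdict(list)
    for tx in sorted(txs, key=lambda t: t["timestamp"]):
        if tx["to"].lower() == target.lower() and tx["status"] == 0:
            by_sender[tx["from"].lower()].append(tx)
    alerts = []
    for sender, fails in by_sender.items():
        start = 0
        for end in range(len(fails)):                      # sliding window over reverts
            while fails[end]["timestamp"] - fails[start]["timestamp"] > window_s:
                start += 1
            run = fails[start:end + 1]
            if len(run) >= min_reverts:
                alerts.append({
                    "sender": sender,
                    "reverts": len(run),
                    "low_gas": sum(1 for t in run if t["gas"] <= low_gas),
                    "selectors": sorted({t["input"][:10] for t in run}),
                    "first": run[0]["timestamp"],
                    "last": run[-1]["timestamp"],
                })
                break
    return alerts


# Constructed records, not real transactions. 0xa9059cbb = transfer, 0x095ea7b3 = approve.
PROXY = "0x" + "aa" * 20
PROBER = "0x" + "11" * 20
SAMPLE_TXS = [
    {"from": PROBER, "to": PROXY, "status": 0, "gas": 50_000, "timestamp": 1_700_000_000,
     "input": "0xa9059cbb" + "00" * 64},
    {"from": PROBER, "to": PROXY, "status": 0, "gas": 45_000, "timestamp": 1_700_000_300,
     "input": "0xa9059cbb" + "00" * 64},
    {"from": PROBER, "to": PROXY, "status": 0, "gas": 40_000, "timestamp": 1_700_000_900,
     "input": "0x095ea7b3" + "00" * 64},
    {"from": "0x" + "22" * 20, "to": PROXY, "status": 0, "gas": 50_000, "timestamp": 1_700_000_100,
     "input": "0xa9059cbb" + "00" * 64},   # one stray revert: expected noise
    {"from": "0x" + "33" * 20, "to": PROXY, "status": 1, "gas": 80_000, "timestamp": 1_700_000_200,
     "input": "0xa9059cbb" + "00" * 64},   # successful whitelisted transfer
]

if __name__ == "__main__":
    for a in detect_probes(SAMPLE_TXS, PROXY):
        print(a)
```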
RD-F-164 green Leaked credential on paste/sentry site No confirmed credential leak on public paste sites (Pastebin, GitHub gists) targeting Securitize as of 2026-04-26. BlackRock 10-K (2025-02-25) states no material cybersecurity impact.
Tooling / compiler / AI Yellow 33 5 of 5
RD-F-170 yellow Solc version used (known-bug versions flagged) Proxy (0x7712c342) compiled with Solidity v0.8.13+commit.abaa5c0e (confirmed on Etherscan). No critical/high-severity entry in the solc bugs.json list relevant to ERC-20/proxy patterns affects 0.8.13; medium/low entries for the 0.8.13 line still need to be checked against the verified source. 0.8.13 is not the latest 0.8.x patch. Implementation compiler version unknown (unverified). Yellow: proxy on a non-latest but non-critical patch; implementation unknown.
RD-F-174 yellow Dependency tree uses EOL Solidity version Proxy uses Solidity 0.8.13. The 0.8.x line is not EOL as of 2026-04-26 and continues to receive releases; 0.8.13 is behind the latest patch but not classified EOL. Implementation compiler version unknown (unverified). Yellow: proxy on a non-latest patch within a maintained line.
RD-F-171 n/a Bytecode similarity to audited upstream with behavior deviation Not applicable: no audited upstream DeFi protocol to compare against. BUIDL is an original Securitize DSToken. The AI-copy risk factor requires an audited upstream comparator.
RD-F-172 gray Repo shows AI-tool co-authorship in critical files No public GitHub repository exists for the BUIDL-specific smart contracts; Securitize's public repos do not contain the BUIDL deployment contracts. Commit metadata cannot be inspected for AI co-authorship trailers.
RD-F-173 gray Team self-disclosure of AI-generated Solidity No public disclosure found from BlackRock or Securitize that AI-generated Solidity was used in BUIDL's security-critical paths (searched Securitize blog, BlackRock tech communications). Absence of disclosure does not confirm absence of AI use.
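The RD-F-170 / RD-F-174 checks as code, as an added example (not Securitize tooling): parse the Etherscan-style compiler string quoted on the page, evaluate it against a list in the shape of solidity's docs/bugs.json (each entry carries an optional "introduced", an optional "fixed" and a "severity"), and test whether the version is the newest patch on its line. The bug entries and release list below are constructed placeholders, not real advisories; a real run substitutes the current bugs.json and release list.

```python
"""Check a deployed contract's solc version against a bugs.json-style list.

Added example for RD-F-170 / RD-F-174; not Securitize tooling. SAMPLE_BUGS
and SAMPLE_RELEASES are constructed placeholders in the shape of solidity's
docs/bugs.json and release list, not real advisories or the full history.
"""
import re

VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_solc_version(s: str) -> tuple:
    """'v0.8.13+commit.abaa5c0e' -> (0, 8, 13); the commit suffix is ignored."""
    m = VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised solc version: {s!r}")
    return tuple(int(x) for x in m.groups())


def affects(entry: dict, version: tuple) -> bool:
    """bugs.json semantics: affected if introduced <= v < fixed; a missing bound is open."""
    introduced, fixed = entry.get("introduced"), entry.get("fixed")
    if introduced and version < parse_solc_version(introduced):
        return False
    if fixed and version >= parse_solc_version(fixed):
        return False
    return True


def known_bugs_for(version_str: str, bugs: list, min_severity: str = "low") -> list:
    """Names of entries affecting the version at or above min_severity (bugs.json scale)."""
    order = {"very low": 0, "low": 1, "medium": 2, "medium/high": 3, "high": 4}
    v = parse_solc_version(version_str)
    floor = order[min_severity]
    return [b["name"] for b in bugs if affects(b, v) and order.get(b["severity"], 0) >= floor]


def is_latest_patch(version_str: str, released: list) -> bool:
    """True if no later release shares the same major.minor line."""
    v = parse_solc_version(version_str)
    return not any(r[:2] == v[:2] and r > v for r in map(parse_solc_version, released))


# Constructed placeholders, not real solc advisories or the real release history.
SAMPLE_BUGS = [
    {"name": "PlaceholderBugA", "introduced": "0.8.13", "fixed": "0.8.15", "severity": "medium"},
    {"name": "PlaceholderBugB", "fixed": "0.8.0", "severity": "high"},
    {"name": "PlaceholderBugC", "introduced": "0.8.20", "severity": "low"},
    {"name": "PlaceholderBugD", "introduced": "0.8.10", "severity": "very low"},
]
SAMPLE_RELEASES = ["0.8.12", "0.8.13", "0.8.14", "0.8.15"]

if __name__ == "__main__":
    ver = "v0.8.13+commit.abaa5c0e"   # compiler string quoted on the page for the proxy
    print("affected by:", known_bugs_for(ver, SAMPLE_BUGS))
    print("latest patch on line:", is_latest_patch(ver, SAMPLE_RELEASES))
```

The yellow in RD-F-170 is the `is_latest_patch` result; whether it should be red is the `known_bugs_for` result at the "medium" floor, cross-checked against whether the verified proxy source actually uses the affected construct (bugs.json also carries per-entry "conditions" for that, omitted here).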
Response & disclosure hygiene Green 0 4 of 4
RD-F-175 n/a Disclosure channel exists [PD-042 rescore 2026-05-12, v1.7.0+] Public DeFi-style disclosure channels (Immunefi, Cantina, GitHub post-mortems with public SLAs) are not the disclosure path for SEC-registered tokenized funds; disclosure flows through SEC filings, transfer-agent communications, and institutional channels. Scored not_applicable per PD-042 (Cat 13 RWA-issuer subset).
ORIGINAL EVIDENCE (preserved from v1.6.0 grading): No public security disclosure channel for BUIDL smart contract vulnerabilities. BlackRock HackerOne (hackerone.com/blackrock) covers corporate IT/web properties only, not blockchain smart contracts. Securitize has no public security disclosure channel. No Immunefi program, no security.txt found.
RD-F-176 n/a Disclosure SLA public [PD-042 rescore 2026-05-12, v1.7.0+] Public DeFi-style disclosure channels (Immunefi, Cantina, GitHub post-mortems with public SLAs) are not the disclosure path for SEC-registered tokenized funds; disclosure flows through SEC filings, transfer-agent communications, and institutional channels. Scored not_applicable per PD-042 (Cat 13 RWA-issuer subset).
ORIGINAL EVIDENCE (preserved from v1.6.0 grading): No disclosure SLA published. BlackRock HackerOne and corporate disclosure policy do not state an acknowledgment-time SLA. Securitize has no published SLA. RD-F-175 red (channel missing) compounds to red here.
RD-F-177 green Prior known-ignored disclosure No evidence of a known-ignored disclosure. No prior incidents exist, so no post-mortem has documented a received-but-not-actioned vulnerability report. No security researcher public disclosures found referencing BUIDL or Securitize smart contract vulnerabilities.
RD-F-178 green CVE/GHSA advisory issued against protocol No CVE or GHSA advisory found against BUIDL token contracts or the Securitize tokenization platform. GitHub Advisory Database and NVD CVE search returned no results for 'BUIDL' or 'Securitize tokenization.'
rubric_version v1.7.0 graded_at 2026-05-12 09:40:43 factors 184 protocol blackrock-buidl