defirisk.co
rubric v1.7.0

Cross-chain bridge unverified mint pattern

Cap (cUSD / stcUSD)'s assessment for RD-F-106 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

T-09 v2-deferred signal. LayerZero OFT bridge to MegaETH is live — an unverified-mint pattern (message forged on Ethereum → unbacked cUSD minted on MegaETH) is the applicable threat model. No cross-chain indexer live. No unverified-mint event detected via OSINT. DVN configuration gap compounds this (OApp address unverified — see RD-F-103 notes).

Sources #

  • Audit
    Electisec: LZ Vault AuditElectisec LZ vault audit 2025-05-25 — confirms LayerZero OFT vault is in scoperetrieved 2026-05-17

Methodology #

Detect cross-chain activity consistent with an unverified mint on the destination chain (deposit on source without corresponding verified proof on dest).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol cap factor RD-F-106 score gray collected_at 2026-05-17 10:56:24