defirisk.co
rubric v1.7.0

Oracle-manipulation-proof borrow cap

Chainlink CCIP's assessment for RD-F-073 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Not applicable — lending-only factor per PD-024 resolution. No borrow cap, no oracle-fed price inputs for lending calculations. CCIP token pools use static token-bucket rate limits (capacity and refill rate parameters), not oracle-dependent borrow caps. Rate limits are configured by the rateLimitAdmin role and are static parameters, not dynamically adjusted by oracle price.

Sources #

  • Docs
    How Rate Limits Work | Chainlink DocumentationCCIP rate limit parameters (capacity, rate, isEnabled) — static configuration, not oracle-dependentretrieved 2026-05-16
  • Internal
    03-taxonomy.md Cat 4 PD-024 noteTaxonomy 03-taxonomy.md §Category 4 PD-024 resolution — F073 lending-only factorretrieved 2026-05-16

Methodology #

Determine whether the per-asset borrow cap is ≤ (oracle pool depth × manipulation-resistance multiplier).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-073 score not_applicable collected_at 2026-05-16 01:55:09