defirisk.co
rubric v1.7.0

First-depositor / share-inflation guard

Circle USYC's assessment for RD-F-075 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

USYC is not a share-based vault. Minting requires passing KYC/OFAC screening via the RolesAuthority/Entitlements contract and goes through the Teller at current NAV price. No first-depositor share-inflation attack surface exists by construction: the permissioned minting mechanism ensures no attacker can be the first depositor in an empty vault context. PD-024: lending-only; also not an ERC-4626 vault pattern.

Sources #

  • Etherscan
    Etherscan - USYC RolesAuthorityProxy (permissioned minting)RolesAuthorityProxy 0x902D906b8d988092213bE799B18Bd2cbd64F808C manages KYC allowlist; Teller 0xeE35F963BFC71b51eC95147f26c030D674ea30e6 enforces permissioned minting at NAV price - no vault share formula exploitable by attackerretrieved 2026-05-16

Methodology #

Determine whether the vault has a first-depositor guard (seed deposit on deploy, virtual-share offset, or floor-check).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol circle-usyc factor RD-F-075 score not_applicable collected_at 2026-05-15 21:56:43