Solc version used (known-bug versions flagged)

Concrete's assessment for RD-F-170 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Deployed bytecode: solc v0.8.27+commit.40a35a09 (confirmed on Etherscan for 0x224f3450 and 0x21051573; consistent with foundry.toml). Applicable compiler bug for 0.8.27: LostStorageArrayWriteOnSlotOverflow (SOL-2025-1, Low severity, affects 0.1.0–0.8.31) — low severity, requires specific storage slot overflow conditions unlikely in ERC-4626 vault math with OZ 5.2.0 SafeMath patterns. No high or critical compiler bugs affect 0.8.27. Yellow — one low-severity compiler bug technically in scope for 0.8.27, but exploitability is low for this contract type.

Sources #

Etherscan
ConcreteFactory implementation EtherscanConcreteFactory impl 0x224f3450 — solc v0.8.27+commit.40a35a09retrieved 2026-05-17
URL
Solidity known bugs listSolc bugs.json — LostStorageArrayWriteOnSlotOverflow Low severity affects 0.1.0–0.8.31retrieved 2026-05-17

Methodology #

Identify the Solidity compiler version used for deployed bytecode and flag if it appears on the known-bug list (solc bugs.json or Vyper 0.2.15–0.3.0 range).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol concrete factor RD-F-170 score yellow collected_at 2026-05-17 14:36:59