SELFDESTRUCT reachable from non-admin path

Convex Finance's assessment for RD-F-011 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Source inspection of all major Convex contracts (Booster, VoterProxy, CVX token, CvxLockerV2, BaseRewardPool, ExtraRewardStashV3, BoosterOwner) found no SELFDESTRUCT opcode. Solidity 0.6.12 contracts confirmed via Etherscan source. VoterProxy source explicitly inspected and confirmed no selfdestruct.

Sources #

Etherscan
Convex Booster source (Etherscan - no selfdestruct)Booster 0xF403C1 - no selfdestructretrieved 2026-05-16
Etherscan
Convex VoterProxy source (Etherscan - no selfdestruct)VoterProxy 0x989AEb4d - no selfdestruct confirmedretrieved 2026-05-16

Methodology #

Determine whether any deployed contract contains the SELFDESTRUCT opcode in a code path reachable from a non-admin caller.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol convex-finance factor RD-F-011 score green collected_at 2026-05-16 02:41:28