Chainlink aggregator min/max bound misconfig

Curve Finance's assessment for RD-F-060 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

N/A — Curve DEX does not consume Chainlink feeds in swap pricing or rate oracle logic. The 19 Chainlink feed addresses in data cache are from integrating protocols referencing Curve pools as oracle source. No Chainlink aggregator dependency exists for Curve's own pool operations.

Sources #

Internal
Curve Finance data cache00-data-cache.json oracle_feeds — 19 Chainlink feeds are cross-protocol reference data, not consumed by Curveretrieved 2026-04-28
GitHub
Curve Tricrypto-NG main contractCurveTricryptoOptimizedWETH.vy — no Chainlink import or latestAnswer/latestRoundData callretrieved 2026-04-28

Methodology #

Determine whether the Chainlink aggregator's `minAnswer` and `maxAnswer` circuit-breaker bounds are misconfigured (too wide or too narrow) for the asset class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol curve-v2 factor RD-F-060 score not_applicable collected_at 2026-04-28 19:48:40