Upstream vulnerability disclosure (last 90d)

dYdX v4 (dYdX Chain)'s assessment for RD-F-128 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Not a fork; factor is structurally moot. Library dependency note: no new critical cosmos-sdk or cometbft security advisories in the 90 days prior to May 2026 assessment affecting the current dYdX fork. ISA-2025-005 patched July 2025; ISA-2025-002 (x/group, v0.50.12) addressed in prior releases.

Sources #

GitHub
cosmos/cosmos-sdk GitHub Security Advisoriescosmos/cosmos-sdk security advisoriesretrieved 2026-05-17

Methodology #

Determine whether the upstream has a public vulnerability disclosure in the last 90 days that affects this fork's deployed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dydx-v4 factor RD-F-128 score not_applicable collected_at 2026-05-17 09:58:47