Disclosure SLA public

EigenLayer's assessment for RD-F-176 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No formal acknowledgment-time SLA (e.g., 72-hour ack) published in docs, GitHub SECURITY.md (absent), or Immunefi program page (inaccessible). The GitHub repo (eigenlayer-contracts) explicitly lacks a SECURITY.md: https://github.com/Layr-Labs/eigenlayer-contracts/security/policy states 'This project has not set up a SECURITY.md file yet.' The August 2025 EigenPods event demonstrates same-day response capability but no published SLA commitment. Immunefi platform-level practices apply by inference only.

Sources #

Governance
EigenPods Bug Fix Completed - August 29 2025 — EigenLayer ForumAugust 2025 EigenPods event — same-day response demonstrated but no SLA committedretrieved 2026-04-28
URL
EigenLayer Contracts — GitHub Security Policy (absent)GitHub security policy page — 'This project has not set up a SECURITY.md file yet'retrieved 2026-04-28

Methodology #

Determine whether the protocol publishes an acknowledgment-time SLA for disclosed vulnerabilities (e.g., 72h ack).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol eigenlayer factor RD-F-176 score yellow collected_at 2026-04-28 13:58:44