SELFDESTRUCT reachable from non-admin path
Falcon Finance's assessment for RD-F-011 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Closed-source codebase; no published Slither suicidal detector output; cannot run tools. Standard OZ ERC-20 pattern unlikely to include SELFDESTRUCT but cannot confirm for all contracts, especially unaudited post-TGE contracts.
Detail
No public GitHub; Slither cannot be run. Verified Etherscan source for USDf/sUSDf impl shows OZ ERC-20 upgradeable pattern — standard implementations do not include SELFDESTRUCT. sFF-Prime (Jan 2026) and FF Staking Vault (Nov 2025) are newer unaudited contracts whose implementation contracts have not been inspected for SELFDESTRUCT. Cannot confirm.
Sources
- Etherscan: USDf Implementation — Etherscan. USDf impl: OZ ERC-20 upgradeable pattern; SELFDESTRUCT unlikely but unconfirmed (retrieved 2026-05-12)
Methodology
Determine whether any deployed contract contains the SELFDESTRUCT opcode in a code path reachable from a non-admin caller.
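A first-pass check for this factor can run on deployed runtime bytecode without source access. The following is an added example, not the curator's tooling or the protocol's code; the hex samples are constructed, and the metadata-trailer heuristic is an assumption based on the CBOR trailer that solc appends to runtime code.

```python
SELFDESTRUCT = 0xFF
PUSH1, PUSH32 = 0x60, 0x7F


def strip_metadata(code: bytes) -> bytes:
    """Drop a solc-style CBOR metadata trailer so its bytes are not read as opcodes.

    Assumption: the last two bytes hold the trailer length (big-endian) and the
    trailer starts with a CBOR small-map header (0xa0..0xb7).
    """
    if len(code) < 2:
        return code
    n = int.from_bytes(code[-2:], "big")
    start = len(code) - 2 - n
    if n and start >= 0 and 0xA0 <= code[start] <= 0xB7:
        return code[:start]
    return code


def find_selfdestruct(code_hex: str) -> list[int]:
    """Return program-counter offsets where 0xff decodes as an opcode.

    Linear sweep that skips PUSH1..PUSH32 immediates, so a 0xff byte that is
    only push data is not reported.
    """
    code = strip_metadata(bytes.fromhex(code_hex.removeprefix("0x")))
    hits, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op == SELFDESTRUCT:
            hits.append(pc)
        if PUSH1 <= op <= PUSH32:
            pc += op - PUSH1 + 1  # skip the immediate bytes
        pc += 1
    return hits


# Constructed samples (not taken from any deployed contract).
PUSH_DATA_ONLY = "0x60ff60005200"   # PUSH1 0xff; PUSH1 0x00; MSTORE; STOP
REAL_OPCODE = "0x33ff"              # CALLER; SELFDESTRUCT
TRAILER_ONLY = "0x00a1ff000003"     # STOP + trailer-shaped bytes containing 0xff

if __name__ == "__main__":
    for name in ("PUSH_DATA_ONLY", "REAL_OPCODE", "TRAILER_ONLY"):
        print(name, find_selfdestruct(globals()[name]))
```

An empty result means the opcode does not decode in the scanned bytecode; a hit only shows presence, so the guarding access checks still have to be traced to decide whether a non-admin caller can reach it. For proxy deployments the scan has to be run on each implementation contract, not the proxy.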