★ Audit scope mismatch

GMX v2 (GMX Synthetics)'s assessment for RD-F-001 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

ABDK (most recent standalone comprehensive audit) was tied to commit 298c6d7f1ef089a1437dc7099db1e4c647ed1b7e (added 2023-11-06). Current main-branch head is a5865d1 (2026-04-20), ~29 months later, with substantial post-audit additions: GLV vaults, multichain/LayerZero liquidity, relay/gasless routing, v2.2 callback redesign, v2.3 cross-margin. Guardian's ongoing retainer (10+ post-launch engagements) explicitly covers these features, but no single publicly-accessible report maps to current deployed bytecode by commit SHA. Gap is real but partially mitigated by Guardian retainer.

Sources #

GitHub
ABDK GMX Synthetics AuditABDK GMX Synthetics Audit - commit 298c6d7f1ef089a1437dc7099db1e4c647ed1b7eretrieved 2026-05-05
GitHub
gmx-synthetics commit historygmx-synthetics main branch head commit a5865d1 (2026-04-20)retrieved 2026-05-05
URL
Guardian Case Studies — GMXGuardian case studies index — GMX case study - 10+ post-launch engagementsretrieved 2026-05-05

Methodology #

Check whether the commit SHA cited in the audit report matches the bytecode deployed at the production proxy/implementation address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol gmx-v2 factor RD-F-001 score yellow collected_at 2026-05-05 11:15:06