★ Empty cToken-style market (zero supply/borrow)

GMX v2 (GMX Synthetics)'s assessment for RD-F-070 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GMX v2 is not a Compound V2 fork. Profile §5 confirms: 'Not forked from any external protocol. GMX v2 is an original rewrite by the GMX core team.' The GM pool model uses ERC-20 market tokens (GM tokens) with a two-sided long/short collateral vault — not cToken supply/borrow accounting. MarketToken.sol source-code verified: declared as 'contract MarketToken is ERC20, Bank' — no Compound CErc20 interface, no totalSupply/totalBorrow lending primitives. The Compound donation/empty-market attack requires zero-supply and zero-borrow state on a cToken market followed by a direct token donation to inflate the exchange rate — none of these preconditions exist in GMX v2. The closely related first-depositor share-inflation risk is independently assessed as green under RD-F-075, with the RECEIVER_FOR_FIRST_DEPOSIT = address(1) guard confirmed in ExecuteDepositUtils.sol.

Sources #

GitHub
GMX synthetics — ExecuteDepositUtils.sol (first-depositor guard, not Compound model)https://raw.githubusercontent.com/gmx-io/gmx-synthetics/main/contracts/deposit/ExecuteDepositUtils.solretrieved 2026-05-05
GitHub
GMX synthetics — MarketToken.sol source (ERC20+Bank inheritance, no Compound interface)https://raw.githubusercontent.com/gmx-io/gmx-synthetics/main/contracts/market/MarketToken.solretrieved 2026-05-05
Docs
GMX v2 docs — Introduction (perpetuals DEX, no stablecoin issuance)https://docs.gmx.io/docs/intro/retrieved 2026-05-05

Methodology #

Determine whether any listed Compound V2-fork market has `totalSupply == 0` and `totalBorrow == 0`, the precondition for a donation-exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol gmx-v2 factor RD-F-070 score not_applicable collected_at 2026-05-05 11:15:06