★ Audit scope mismatch

Jupiter Perpetual Exchange's assessment for RD-F-001 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Program PERPHjGBqRHArX4DySjwM6UJHiR3sWAatqfdBS2qQJu is a closed-source Solana BPF binary with no verified build on verify.osec.io as of 2026-05-16 (is_verified:false, on_chain_hash empty, last_verified_at null). All three audits (OtterSec Oct-Nov 2023, Sec3 Jan 2024, Offside Labs Feb-Mar 2024) predate April 2024; the currently deployed binary has no audit coverage and no commit SHA can be matched to any audit report. Closed-source prevents independent drift verification — the Hyperliquid-class precedent per briefing.

Sources #

URL
OtterSec Verified Builds — Jupiter Perps program statusverify.osec.io program verification API response: is_verified:false, on_chain_hash empty string, last_verified_at nullretrieved 2026-05-16
Docs
Jupiter Developer Platform — AuditsJupiter audits index lists only OtterSec, Sec3, Offside Labs — all pre-April 2024; no post-2024 audit listedretrieved 2026-05-16

Methodology #

Check whether the commit SHA cited in the audit report matches the bytecode deployed at the production proxy/implementation address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol jupiter-perps factor RD-F-001 score red collected_at 2026-05-16 01:53:11