defirisk.co
rubric v1.7.0

Deployed bytecode matches signed release tag

JustLend DAO's assessment for RD-F-136 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

TVM bytecode comparison against signed release-tag commits requires TRON archival node and TVM bytecode tooling not available in this assessment. No signed git tags confirmed in GitHub commit history. Source code is public but bytecode reproducibility unverifiable with available EVM tools.

Sources #

  • GitHub
    JustLend Protocol GitHub — commit historyGitHub justlend/justlend-protocol: source code public, last commit March 2026, but no signed git tags observed and TVM bytecode comparison not possible with EVM tooling.retrieved 2026-05-17

Methodology #

Determine whether the deployed runtime bytecode corresponds to a signed git tag in the protocol's repository.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol justlend factor RD-F-136 score gray collected_at 2026-05-17 10:25:32