defirisk.co
rubric v1.7.0

Bytecode similarity to audited upstream with behavior deviation

Lista DAO's assessment for RD-F-171 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

CDP contracts have structural similarity to MakerDAO (direct fork) with material changes: upgradeable proxy pattern vs MakerDAO immutable, removed LibNote, pending custom events. Full bytecode comparison requires local clone of both repos. Cannot assess behavioral deviation without tool run.

Sources #

  • GitHub
    vat.sol Behavioral Changesvat.sol FIXME: altered from production version — behavioral changes documented but not quantified without tool runretrieved 2026-05-12

Methodology #

Determine whether the bytecode has high structural similarity to an audited upstream but deviates in state-mutation ordering (AI-generated copy risk pattern).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lista-dao factor RD-F-171 score gray collected_at 2026-05-12 17:54:05