★ Post-audit code changes without re-audit

M^0's assessment for RD-F-139 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

SwapFacility upgraded 2026-02-24 to impl 0x45bF08d0...584550DA8. Original 2024 audits did not cover SwapFacility (deployed 2025-08-05). Dec 2025 - Feb 2026 Multichain V2/M Portal V2 audit batch (Sherlock, Halborn, ChainSecurity, Guardian, Adevar) likely covers this, but specific bytecode coverage of the 2026-02-24 implementation has not been confirmed from a public PDF with commit SHA.

Sources #

Etherscan
SwapFacility Proxy — EtherscanSwapFacility upgrade 2026-02-24 to new implementation; no commit SHA mapped to audit PDFretrieved 2026-05-16
Docs
M^0 Portal Audit ReportsAudit reports: Multichain V2/M Portal V2 (Dec 2025 - Feb 2026) — Sherlock, Halborn, ChainSecurity, Guardian, Adevarretrieved 2026-05-16

Methodology #

Count deployed changes to audited bytecode where no subsequent audit or spot-review covers the changed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol m0 factor RD-F-139 score yellow collected_at 2026-05-16 09:46:19