★ Post-audit code changes without re-audit

Maple Finance's assessment for RD-F-139 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GitHub last commit 2026-02-19 (data-cache). Most recent audit: Nov 2025 (WM by Spearbit+Sherlock). Feb 2026 commits are post-audit and unverified by any public audit. Strong audit cadence historically but a ~3-month gap exists.

Detail #

Maple has maintained excellent audit cadence through Nov 2025 (15 engagements across 6 firms). However, GitHub shows commits as recently as Feb 2026 which post-date the last audit. The scope of those Feb 2026 commits is unknown — could be tests/docs or code changes. Yellow because Maple's demonstrated cadence makes a silent major unaudited change less likely, but the 3-month post-audit gap is a documented finding.

Sources #

Partner feed
https://github.com/maple-labs/maple-core-v2retrieved 2026-04-27
GitHub
https://github.com/maple-labs/maple-core-v2/tree/main/auditsretrieved 2026-04-27

Methodology #

Count deployed changes to audited bytecode where no subsequent audit or spot-review covers the changed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol maple-finance factor RD-F-139 score yellow collected_at 2026-04-27 05:38:08