Deployed bytecode matches signed release tag
Multipli's assessment for RD-F-136 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
GitHub repo has no signed release tags; last commit 2026-01-16 on untagged branch. Actual deployed bytecode vs commit SHA comparison not possible without verified Avalanche/Base/Ethereum source matching. 'Barebones' repo caveat means deployed contracts may differ from published source.
Sources #
- GitHubMultipli GitHub — no release tags for bytecode matchingmultipli-libs/Barebones-MultipliVault: no signed release tags; last commit 2026-01-16retrieved 2026-05-17
- 00-data-cache.json github sectioncache github.last_commit_date=2026-01-16; changelog_present=falseretrieved 2026-05-17
Methodology #
Determine whether the deployed runtime bytecode corresponds to a signed git tag in the protocol's repository.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol multipli factor RD-F-136 score gray collected_at 2026-05-17 11:48:35