defirisk.co
rubric v1.7.0

Bridge ecrecover checks result ≠ address(0)

OpenEden's assessment for RD-F-151 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[★ CRITICAL — not_applicable] No ecrecover bridge code. OpenEden USDO uses Chainlink CCIP CCT standard (Chainlink-managed burn-and-mint); no custom ecrecover signature verification in scope. XRPL TBILL is native XRPL issuance, not an ecrecover bridge. F151 (Wormhole-class ecrecover zero-address) is structurally inapplicable.

Sources #

  • Internal
    OpenEden protocol profile §7Profile §7: has_bridge_surface=false; CCIP CCT is Chainlink-managed; not an ecrecover/Merkle-root bridgeretrieved 2026-05-16
  • URL
    OpenEden + Chainlink CCIP CCT announcementChainlink CCIP CCT standard for USDO cross-chain — managed Chainlink protocol, no custom ecrecoverretrieved 2026-05-16

Methodology #

Determine whether the bridge verifier code rejects `ecrecover` returns of `address(0)`.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol openeden factor RD-F-151 score not_applicable collected_at 2026-05-16 10:11:45