Solc version used (known-bug versions flagged)

OpenEden's assessment for RD-F-170 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

TBILL V5Impl and V4Impl use pragma solidity =0.8.9 (pinned). Deployed bytecode compiled with v0.8.9+commit.e5eed63a (Etherscan exact match). USDO implementation uses v0.8.18+commit.87f61d96. KycManager (deprecated) uses v0.8.20. Hardhat config specifies 6 compiler versions: 0.8.9, 0.8.17, 0.8.16, 0.7.6, 0.6.6, 0.4.24. Optimizer enabled, 200 runs, no viaIR. 0.8.9 is not on Solidity's known-critical-bug list but is 5 major point versions behind current (0.8.26) and has not received patches since 2021. Legacy versions 0.7.6, 0.6.6, 0.4.24 in the config are likely for library compatibility. Yellow for legacy primary compiler version (not flagged-bug, but unmaintained for 5 years).

Sources #

GitHub
OpenEden Vault Audit — hardhat.config.tshardhat.config.ts — 6 compiler versions including 0.8.9, 0.7.6, 0.6.6, 0.4.24; optimizer enabled 200 runsretrieved 2026-05-16
Etherscan
OpenEdenVaultV5 — Etherscan Verified Source (Compiler Details)TBILL V5 impl — v0.8.9+commit.e5eed63a, optimizer 200 runs, exact matchretrieved 2026-05-16

Methodology #

Identify the Solidity compiler version used for deployed bytecode and flag if it appears on the known-bug list (solc bugs.json or Vyper 0.2.15–0.3.0 range).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol openeden factor RD-F-170 score yellow collected_at 2026-05-16 10:11:45