Audit firm tier

Orca's assessment for RD-F-005 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

All four firms are Tier-2 per the taxonomy's EVM-centric Tier-1 list (Trail of Bits, OZ, ConsenSys Diligence, Certora, Sigma Prime, Spearbit, Zellic). Kudelski Security (established multi-domain firm), Neodyme (top-tier Solana specialist), OtterSec (leading SVM auditor), Sec3 (Solana-native with formal analysis tool X-ray) represent the best available audit coverage for Solana programs. Note: The Tier-1 taxonomy list is EVM-centric; OtterSec and Neodyme are effectively Tier-1 equivalents for SVM protocols.

Sources #

URL
OtterSec audit firm profilehttps://osec.io/retrieved 2026-05-16
Audit
https://raw.githubusercontent.com/orca-so/whirlpools/main/.audits/2022-05-05.pdfretrieved 2026-05-16
URL
Sec3 audit firm profilehttps://sec3.dev/retrieved 2026-05-16

Methodology #

Classify each auditing firm into: Tier-1 (Trail of Bits / OpenZeppelin / ConsenSys Diligence / Certora / Sigma Prime / Spearbit / Zellic) / Tier-2 (established, named firm with public track record) / boutique / unknown.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol orca factor RD-F-005 score yellow collected_at 2026-05-16 02:39:16