Code complexity vs audit coverage

Pendle Finance's assessment for RD-F-024 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

150+ Solidity files across 8+ components. At least 9 distinct audit engagements covering different subsystems. Spearbit 15-day engagement; ChainSecurity at V2 Core level; WatchPug multi-part with follow-ups. Coverage appears commensurate but factory V3-V6 evolution means newer versions may have thinner coverage. Borderline yellow.

Sources #

GitHub
Pendle Core V2 repository structurePendle repo tree — 150+ Solidity filesretrieved 2026-04-29
GitHub
Pendle audits directory (multiple components covered)Audits directory — 9+ engagement coverageretrieved 2026-04-29

Methodology #

Determine whether the cyclomatic complexity or LOC-per-audit-day ratio exceeds the curator-declared credibility threshold for the audit to be meaningful.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol pendle factor RD-F-024 score yellow collected_at 2026-04-28 21:09:40