ecrecover zero-address return unchecked

Polymarket's assessment for RD-F-019 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

CTF Exchange V1 uses OpenZeppelin ECDSA.recover() (handles zero-address case). CTF Exchange V2 uses Solady ECDSA.recover() (also handles zero-address). No raw ecrecover() without guards found in signature validation path.

Sources #

GitHub
CTF Exchange V1 Signatures mixinctf-exchange/src/exchange/mixins/Signatures.sol — ECDSA.recover() via OZretrieved 2026-04-29
GitHub
CTF Exchange V2 Signatures mixinctf-exchange-v2/src/exchange/mixins/Signatures.sol — ECDSA.recover() via Soladyretrieved 2026-04-29

Methodology #

Determine whether any `ecrecover` call result is used without a `!= address(0)` guard.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol polymarket factor RD-F-019 score green collected_at 2026-04-29 16:25:39