Solc version used (known-bug versions flagged)

Polymarket's assessment for RD-F-170 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

ConditionalTokens (0x4D97DCd9...): Solidity 0.5.10 — EOL compiler but frozen deployment. Active bugs at 0.5.10 include 'ABIEncoderV2StorageArrayWithMultiSlotElement' (fixed in 0.5.10 — not applicable to 0.5.10 deployments). Post-0.5.10 bugs do not affect this frozen deployment. CTF Exchange V1 (0x4bFb41d5...): Solidity 0.8.15 — bugs 'DirtyBytesArrayToStorage' and 'InlineAssemblyMemorySideEffects' are FIXED in 0.8.15 (were in 0.8.13-0.8.14). V1 is sunset as of April 28, 2026. CTF Exchange V2, NegRiskCTFV2, pUSD: Solidity 0.8.34 — no known active bugs. Yellow assigned for presence of EOL 0.5.10 compiler in the dependency stack (ConditionalTokens), even though practical risk is minimal.

Sources #

URL
Solidity 0.8.15 bug fix announcementSolidity 0.8.15 bugs announcement — DirtyBytesArrayToStorage and InlineAssemblyMemorySideEffects FIXED in 0.8.15retrieved 2026-04-29
URL
Etherscan Solidity Known Bugs Listetherscan.io/solcbuginfo — known bug list for 0.5.10 and 0.8.15retrieved 2026-04-29
Etherscan
ConditionalTokens Polygonscan — Solidity 0.5.10ConditionalTokens: v0.5.10+commit.5a6ea5b1; CTFExchange V1: v0.8.15; CTFExchange V2: v0.8.34retrieved 2026-04-29

Methodology #

Identify the Solidity compiler version used for deployed bytecode and flag if it appears on the known-bug list (solc bugs.json or Vyper 0.2.15–0.3.0 range).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol polymarket factor RD-F-170 score yellow collected_at 2026-04-29 16:25:39