defirisk.co
rubric v1.7.0

Bytecode similarity to audited upstream with behavior deviation

Sanctum's assessment for RD-F-171 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Sanctum is an original codebase, not a fork of any audited upstream. The inf-1.5 repo is an incremental rework of the same team's S program. No cross-organization bytecode-copy risk pattern applies. Factor intent (detecting hidden forks inheriting bugs) is structurally inapplicable.

Sources #

  • GitHub
    igneous-labs/inf-1.5 READMEinf-1.5 README: 'Reworked INF (aka S). Reworked SDKs and incremental program upgrades.'retrieved 2026-05-04

Methodology #

Determine whether the bytecode has high structural similarity to an audited upstream but deviates in state-mutation ordering (AI-generated copy risk pattern).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sanctum factor RD-F-171 score not_applicable collected_at 2026-05-04 18:49:23