Fork retains upstream audit coverage

Save (formerly Solend)'s assessment for RD-F-131 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

The fork has a fresh audit (Kudelski v1.0) covering the initial fork state. However, major subsequent additions (13+ isolated pools, custom liquidation, oracle integration, ~57 months of changes) are not covered by any confirmed subsequent audit. Upstream SPL audits do not cover Solend's modifications. Classification: upstream+partial — initial fresh audit exists but substantial unaudited delta.

Sources #

Audit
Solend Audit v1.0 — Kudelski SecurityKudelski v1.0 — covers initial fork state onlyretrieved 2026-05-17
Docs
Isolated Pools | SaveSignificant post-audit additions not coveredretrieved 2026-05-17

Methodology #

Determine whether the fork's deployed code is covered by either: (a) the upstream audit plus a delta-audit for fork-specific changes, or (b) a fresh independent audit of the fork.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-131 score yellow collected_at 2026-05-17 15:20:15