Shared-library version with known-vuln status

Spark Protocol's assessment for RD-F-135 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

SkyLink bridge dependency adds external trust assumption for cross-chain USDS transfers. Bridge is not part of original Aave v3 or sDAI design; introduces additional attack surface.

Sources #

Governance
https://forum.skyeco.com/t/technical-scope-of-the-new-skylink-bridge-to-plasma/27850retrieved 2026-04-21

Methodology #

Identify the version of key shared libraries (OZ, Solady, Solmate) used and check against CVE/GHSA databases for any active advisory.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol spark factor RD-F-135 score yellow collected_at 2026-04-27 01:00:42