defirisk.co
rubric v1.7.0

Stake DAO

Curve/Convex-style vote-aggregator and yield meta-layer. Users deposit governance tokens (CRV, BAL, FXS, PENDLE, FXN, ANGLE) to receive liquid sdToken derivatives backed by pooled veToken positions; yield strategies route LP tokens through Curve gauges with socialized boost; Votemarket provides on-chain bribe marketplace; vlSDT enables protocol governance (April 2026 launch).

Sector yield
TVL $160.3M
Reviewed May 16, 2026
Factors 184
Categories 13
Risk score 23.0
Deployments Ethereum · $148.8M

01 Risk profile at a glance

1 red · 4 yellow · 7 green
02 Categories & evidence

184 factors · 13 categories
Code & audits Yellow 25 25 of 25
RD-F-009 red Formal verification coverage Zero formal verification coverage. Certora SecurityReports portfolio does not list Stake DAO. No Certora, Halmos, or Kani specifications found in the contracts-monorepo. The foundry-base-config.toml shows only fuzz_runs=50 (basic fuzzing). Documentation lists 5 audit firms — none are formal verification providers. At $160M TVL with 15 audit engagements, zero FV coverage is a notable gap per methodology (red = 0% FV).
RD-F-001 yellow Audit scope mismatch vlSDT deployed 2026-04-15 (block 24885681, tx 0xf6870de4d9d208b44b9774f9ff2a19f15f987e360521228746275ab00476d5db) postdating Trust Security audit sign-off 2026-03-26. Post-audit TRST-designated remediation commits on 2026-04-01 plus additional commits through 2026-05-12 (commit 90c7b94) were deployed. Audit PDF not accessible via WebFetch; no commit SHA independently confirming audited revision vs deployed source. Etherscan shows 'Exact Match' for vlSDT source. Older modules (liquid lockers, Votemarket) have multi-year audit coverage with verified source matches. Yellow for vlSDT recency gap and unverifiable commit alignment; green for older modules.
RD-F-003 yellow Resolved-without-proof findings ChainSecurity 2022-10 liquid lockers audit found 2 medium findings; team chose not to modify deployed code. ChainSecurity audit summary confirms medium issues acknowledged but left unresolved post-deployment. Zach Obront Votemarket audit (2023-11 / 2023-05-22-26) found 5 medium issues, most resolved per referenced commit SHAs. No evidence of critical/high findings marked resolved without proof. Yellow for medium findings left unresolved in older module; no critical or high unverified resolutions found.
RD-F-005 yellow Audit firm tier No Tier-1 audit firm (Trail of Bits, OpenZeppelin, ConsenSys Diligence, Certora, Sigma Prime, Spearbit, Zellic) has audited Stake DAO per publicly available records. ChainSecurity is Tier-2 (confirmed via audit index page). Trust Security is Tier-2 (portfolio page lists Stake DAO, Warren testimonial). Omniscia is Tier-2. Pashov Audit Group is Tier-2. Zach Obront is boutique/independent (high-quality researcher). Yellow = Tier-2 only, no Tier-1.
RD-F-007 yellow Bug bounty presence & max payout Stake DAO operates an in-house bug bounty program (not Immunefi). Maximum critical payout: $100,000. Yellow: active program exists but max payout $100K is in the $50K-$499K yellow band (well below the $500K green threshold). No Immunefi listing confirmed by search.
RD-F-024 yellow Code complexity vs audit coverage Monorepo has 2,190 commits; Solidity 97.1%. 15 audit engagements across 5 firms covering major product surfaces (liquid lockers, Votemarket V1/V2, OnlyBoost v1/v2, Staking v2, LaPoste, ZeroLend locker, Curve oracles, vlSDT). Strategy contracts (20+ yield strategies across 10 chains) are covered as a framework rather than individually. Audit breadth is strong; borderline on LOC-per-audit-day for the full strategy layer. Yellow reflecting adequate but not comprehensive coverage.
RD-F-183 yellow Bug bounty scope gap on highest-TVL contracts In-house bug bounty at docs.stakedao.org/bug-bounty covers 'smart contracts deployed on Ethereum mainnet listed in Contract Addresses' and code 'tagged for production.' No Immunefi listing. Scope is ambiguous — does not provide a machine-readable list of in-scope addresses to verify coverage of highest-TVL liquid locker contracts. The $100K critical cap vs $160M TVL provides weak economic incentive for whitehat disclosure on core locker contracts. Yellow: scope ambiguous, not explicitly excluding highest-TVL contracts but not explicitly verifying inclusion.
RD-F-010 gray Static-analyzer high-severity count No published Slither/Mythril/Semgrep output found for Stake DAO contracts. Data cache static_analysis field is empty. Tool run required but not performed. 15 audit engagements provide partial substitute evidence but do not produce standardized programmatic output per methodology requirements.
RD-F-011 gray SELFDESTRUCT reachable from non-admin path No published static analysis confirming absence of SELFDESTRUCT. Core inspected contracts (vlSDT, CurveYCRVVoter, sdCRV, Votemarket V1) are non-upgradeable; architectural descriptions do not indicate SELFDESTRUCT. No Slither output available. Tool run needed.
RD-F-012 gray delegatecall with user-controlled target No published static analysis. LaPoste uses delegatecall to a hardcoded implementation — not user-controlled. No architectural evidence of user-controlled delegatecall. Slither run needed for comprehensive coverage across all strategy contracts.
RD-F-013 gray Arbitrary call with user-controlled target No published static analysis. Strategy contracts call allowlisted Curve/Balancer gauge addresses (not user-supplied). Trust Security OnlyBoost audits reviewed execution paths. Full Slither coverage needed across 20+ strategy contracts.
RD-F-014 gray Reentrancy guard on external-calling functions vlSDT confirmed to use ReentrancyGuard (OZ 5.2.0). Strategy contracts route through Curve external calls. Nov 2023 sdCAKE incident was not a reentrancy (implementation error). No comprehensive Slither reentrancy output available for all strategy contracts.
RD-F-015 gray ERC-777/1155/721 hook without reentrancy guard Core tokens (CRV, BAL, FXS, PENDLE) are standard ERC-20 — no ERC-777 callbacks. sdCRV is standard ERC-20 (confirmed from source). Factor likely N/A by architecture but cannot confirm without full Slither scan across all strategy contracts.
RD-F-016 gray Divide-before-multiply pattern No Slither output. ChainSecurity 2022-10 audit did not flag divide-before-multiply. vlSDT uses OZ 5.2.0 Math library. Cannot score without programmatic analysis.
RD-F-017 gray Mixed-decimals math without explicit scaling Core governance tokens are all 18-decimal (CRV, BAL, FXS, PENDLE). Cross-decimal risk primarily in Morpho vault strategies (USDC 6-decimal). No published analysis of decimal handling in strategy contracts. Tool run or source review needed.
RD-F-018 gray Signed/unsigned arithmetic confusion Solidity 0.8.x natively reverts on overflow. No published symbolic execution. P2 priority factor.
RD-F-019 gray ecrecover zero-address return unchecked vlSDT and core contracts do not use ecrecover (Ownable2Step pattern, no sig-based auth). Zach Obront Votemarket audit found no ecrecover issues. Without Slither on all contracts, cannot confirm universally.
RD-F-020 gray EIP-712 domain separator missing chainId vlSDT does not use EIP-712 signatures. LaPoste uses Chainlink CCIP messaging (not custom EIP-712). Core contracts likely N/A but cannot confirm for all peripheral contracts without full source review.
RD-F-021 n/a UUPS _authorizeUpgrade correctly permissioned No UUPS upgradeable contracts identified among inspected core contracts. vlSDT is non-upgradeable. veSDT uses TransparentUpgradeableProxy (not UUPS). CurveYCRVVoter is non-upgradeable. LaPoste uses a custom proxy pattern. UUPS pattern not present in core audited surface.
RD-F-023 gray Constructor calls _disableInitializers() vlSDT and most core contracts are non-upgradeable — _disableInitializers() not applicable where no proxy pattern exists. veSDT implementation (0x09943C4f27f2aDA5BB58b845d27405a4b3A894a8) not inspected. Gray pending curator inspection of the veSDT implementation constructor.
RD-F-002 green Audit recency Most recent audit: Trust Security vlSDT 2026-03-26, approximately 51 days before assessment date 2026-05-16. Well within the ≤365-day green threshold. Staking v2 follow-up audit (Omniscia 2025-09-03, ~255 days). Core liquid locker audit (ChainSecurity 2022-10) is over 3 years old but a newer staking-v2 audit series partially covers updated architecture.
RD-F-004 green Audit count 5 distinct audit firms with public reports covering deployed code: ChainSecurity (3 engagements), Trust Security (5 engagements), Omniscia (3 engagements), Pashov Audit Group (2 engagements), Zach Obront / independent (1 engagement). 15 total engagement reports across the audits repository. Well above the ≥2 firms green threshold.
RD-F-006 green Audit-to-deploy gap vlSDT: audit sign-off 2026-03-26, deployment 2026-04-15 = 20 days gap. Well within ≤60-day green threshold. No evidence of >180-day gaps for other recent modules. ChainSecurity 2022-10 liquid lockers audit covered already-deployed contracts (post-hoc coverage, gap not applicable in same direction).
RD-F-008 green Ignored bounty disclosure No post-mortem evidence of a disclosed vulnerability that was reported and ignored before exploit. The Nov 2023 sdCAKE incident (~$4K) was an implementation-error (wrong LiquidityGauge deployed), not a received-but-ignored disclosure. The March 2026 Votemarket peripheral oracle exploit ($176K) was patched promptly with treasury reimbursement. The Votemarket whitehat report was paid as a bounty. No ignored-disclosure pattern.
RD-F-022 green Public initialize() without initializer modifier vlSDT (0x94818A7baa7e9F5dC62ce4da1B52ef9a760b80B8): no initialize() function — standard constructor(address _owner, address _boostRegistry). CurveYCRVVoter (0x52f541764E6e90eeBc5c21Ff570De0e2D63766B6): Solidity 0.5.17, constructor only, no proxy. sdCRV (0xD1b5651E55D4CeeD36251c61c50C889B36F6abB5): standard ERC-20 constructor. Votemarket V1 (0x0000000895cB182E6f983eb4D8b4E0Aa0B31Ae4c): standard constructor. LaPoste impl (0xbF0000F5c600b1a84fe08f8d0013002ebc0064fe): standard constructor. No unprotected initialize() found across all inspected implementation contracts.
Governance & admin Yellow 30 24 of 24
RD-F-032 red Timelock duration on upgrades Timelock delay is 28,800 seconds (8 hours). Confirmed via on-chain constructor argument: hex 0x7080 = 28,800. Factor threshold: <24h = red. 8 hours < 24 hours = red. Data cache value of 86,400s was incorrect.
RD-F-038 red Proposal execution delay < 24h Timelock delay is 8 hours (28,800s) — below the 24-hour threshold. Proposal execution delay from timelock contractual delay alone is 8h < 24h = red. Snapshot voting period adds practical friction (24h to 7d per SDGP-66) but this is not a contractual timelock guarantee.
RD-F-042 red Admin has mint() with unlimited max [★ CRITICAL] SDT token (0x73968b9a57c6E53d41345FD57a6E6ae27d6CDB2F) has mint(address _to, uint256 _amount) with no hard cap enforced in contract code. No cap(), MAX_SUPPLY, or maxSupply() function in ABI. Docs claim 100M FDS but not enforced on-chain. Current totalSupply ~69.6M SDT. Mint is owner-only (Ownable). Owner identity unconfirmed — may be deployer EOA or governance multisig. No timelock confirmed on the mint path.
RD-F-026 yellow Upgrade multisig signer configuration (M/N) 4-of-7 threshold per LlamaRisk secondary source. Safe API blocked (HTTP 422). SDGP-67 confirms threshold unchanged after signer rotation. On-chain getThreshold() not readable via WebFetch. Rendered as '4/7'. Secondary source only — cannot confirm on-chain.
RD-F-028 yellow Low-threshold multisig vs TVL 4-of-7 is peer-norm for $160M TVL tier. However, signer identities are unknown (not publicly attested). Safe API blocked — on-chain verification failed. Cannot confirm effective threshold if signers are co-located. Yellow because threshold adequate on paper but signer composition unverifiable.
RD-F-033 yellow Timelock on sensitive actions Timelock exists and admin is governance multisig. executeTransaction() routes through 8h delay. No emergency/rescue path in timelock source. PROXY_ADMIN owner unconfirmed — if not routed through timelock, upgrades may bypass delay. Partial coverage: 3/5 sensitive action types appear timelocked; oracle-config and PROXY_ADMIN upgrade paths unconfirmed.
RD-F-034 yellow Guardian/pause-keeper distinct from upgrader No dedicated pause/guardian role identified distinct from the upgrader. The governance multisig holds both the timelock admin role and any cancel authority. Aragon app is vestigial. No separate pause-keeper address.
RD-F-035 yellow Role separation: upgrade ≠ fee ≠ oracle GOVERNANCE address (0xB0552b6860CE5C0202976Db056b5e3Cc4f9CC765) is distinct from PROXY_ADMIN (0xfE612c237A81527a86f2Cac1FD19939CF4F91B9B). However oracle-config role not separately enumerated, and PROXY_ADMIN owner unconfirmed. Partial separation visible; not all three roles confirmed as distinct.
RD-F-040 yellow Emergency-veto multisig present No emergency-veto multisig found separate from the governance multisig. cancelTransaction() in timelock callable only by the admin (same entity as proposer). No distinct cancel-role holder.
RD-F-041 yellow Rescue/emergencyWithdraw without timelock Timelock source has no rescue/emergencyWithdraw function. LlamaRisk notes multisig has 'elevated rights' that could 'rug users', implying some direct action path. Full enumeration of rescue functions across all core contracts (CurveYCRVVoter, sdCRV, strategy contracts) not completed in this pass. Yellow pending code-security-analyst full source scan.
RD-F-043 yellow Admin = deployer EOA after 7 days Deployer EOA (0x000755Fb) continues active protocol operations (vlSDT deploy ~Apr 2026, BoostMarketplace May 2026) but primary governance admin role is held by governance multisig (0xf930ebbd). Protocol is 64 months old. SDT token mint ownership ambiguous — may still be deployer EOA. Core protocol governance separated from deployer; SDT mint path not confirmed as multisig-controlled.
RD-F-029 gray Multisig signers co-hosted Signer addresses not publicly attested; no OSINT data on infrastructure independence.
RD-F-030 gray Hot-wallet signer flag Signer addresses unknown; cannot assess hot-wallet behavior patterns.
RD-F-044 gray Admin wallet interacts with flagged addresses Cannot assess without CTI feed access. Deployer EOA is a 64-month-old operational address. No flagged interactions identified in available public data.
RD-F-045 gray Constructor args match governance proposal No on-chain governor with constructor-arg calldata exists. Deployments are by EOA; no formal governance proposal mandates specific constructor args. Not assessable for this architecture class.
RD-F-047 gray Governance token concentration (Gini) Gini computation requires holder distribution scan not performed in this pass. vlSDT recently deployed (April 2026), limiting meaningful concentration data. SDT top-holder analysis deferred.
RD-F-025 green Admin key custody type Admin/upgrader role held by multisig+timelock pattern. Governance multisig (0xf930ebbd05ef8b25b1797b9b2109ddc9b0d43063) is admin of Timelock (0xD3cFc4E65a73BB6C482383EB38f5C3E1d1411616). Etherscan label confirms 'Stake DAO: Governance' on the multisig. Categorical classification: multisig+timelock.
RD-F-027 green Single admin EOA Effective upgrade/owner role held by Gnosis Safe (0xf930ebbd05ef8b25b1797b9b2109ddc9b0d43063), not an EOA. Etherscan confirms Safe Mastercopy 1.1.1 proxy — eth_getCode returns non-zero (contract). Admin role is not a single EOA.
RD-F-031 green Signer rotation recency SDGP-67 records a normal signer rotation (PumpkingWok replaced by qqqqqd). Threshold explicitly unchanged. No threshold reduction detected. No DPRK-precursor pattern (threshold reduction + timelock removal within 14d) identified.
RD-F-036 green Flash-loanable voting weight vlSDT uses checkpoint-based balance tracking (balanceOfAt, totalSupplyAt) — same-block flash-loan attacks are structurally impossible. SDGP-66 explicitly invalidates temporary voting power including flash loans. 8-week exit queue with penalty for immediate unstaking further reduces attack surface. Green-by-construction for vote-lock architecture.
RD-F-037 green Quorum achievable via single-entity flash loan vlSDT not flash-loanable due to checkpoint tracking and 8-week exit queue. Flash loan quorum attack structurally infeasible by architecture.
RD-F-039 green delegatecall/call in proposal execution without allowlist Timelock uses low-level call() NOT delegatecall in execution path. Governance is Snapshot off-chain + multisig signing queueTransaction/executeTransaction — not an on-chain governor with arbitrary proposal payloads. No unconstrained delegatecall in proposal execution identified.
RD-F-046 green Contract unverified on Etherscan/Sourcify All assessed core contracts verified on Etherscan: SDT token (verified), vlSDT (verified, exact match), veSDT proxy (verified), Timelock (verified), governance multisig (verified as Safe), CurveYCRVVoter (verified), Aragon app (verified). No unverified core contract at launch.
RD-F-167 green Deprecated contract paused but pause reversible by live admin Aragon Voting App (0x82e631fe565E06ea51a00fAbcd79645272f654eB) is deprecated/vestigial (last tx Jul 29, 2024). It is a governance mechanism, not a value-holding contract. No deprecated surface with material TVL remains under live admin control. Admin retains technical access but the Aragon app holds no material user funds.
Oracle & external dependencies Yellow 22 17 of 17
RD-F-050 red Dependency graph (protocols depended upon) Existential, non-redundant runtime dependency on four non-upgradeable Curve core contracts: GaugeController (0x2F50D538606Fa9EDD2B11E2446BEb18C9D5846bB) for gauge vote execution, VotingEscrow (0x5f3b5DfEb7B28CDbD7FAba78963EE202a494e2A2) for veCRV lock management, Minter (0xd061D61a4d941c39E5453435B6345Dc261C2fcE0) for CRV reward harvesting, FeeDistributor (0xD16d5eC345Dd86Fb63C6a9C43c517210F1027914) for 3CRV fee claims. CurveStrategy.sol calls IMinter(MINTER).mint_for() with MINTER as an immutable field; VoterBase.sol calls IGaugeController.vote_for_gauge_weights(). If Curve deprecates or migrates any of these contracts, Stake DAO's core value proposition (boosted veCRV delegation) halts with no in-protocol fallback. Additionally dependent on Balancer/Frax/Pendle veToken contracts for respective lockers, and Convex Booster for optional strategy boost routing. Red: critical non-redundant dependency with no fallback on non-upgradeable external protocol.
RD-F-049 yellow Oracle role per asset Morpho lending vault oracles: CurveStableswapOracle / OracleChainlinkAdapter serve as Primary oracle per Curve-LP collateral asset. No secondary or fallback oracle declared in adapters — failure mode is REVERT (via BaseOracle staleness check) rather than secondary fallback. Core locker path has no oracle at all, so no Primary/Secondary/Fallback concept applies there. Yellow: primary defined per asset in lending module, but no fallback feed.
RD-F-051 yellow Fallback behavior on oracle failure Core locker path: oracle-free — no oracle failure mode. Morpho lending vault path: BaseOracle.sol enforces revert-on-stale (require(latestPrice > 0 && updatedAt > block.timestamp - maxStale)). Fallback behavior is HALT (revert), not secondary oracle or last-known-price. No secondary oracle feed configured in adapters. Yellow: revert-on-stale is better than ignoring stale prices; lacks secondary oracle fallback.
RD-F-052 yellow Breakage analysis per dependency Breakage analysis: (1) Curve GaugeController deprecation → core locker halts, gauge-weight voting ceases, sdCRV loses primary utility — CRITICAL. (2) Curve VotingEscrow deprecation → new CRV locks impossible, existing positions stranded until expiry — CRITICAL. (3) Curve Minter stops emitting → CRV yield goes to zero, strategy APY collapses — HIGH. (4) Chainlink ETH/USD or USDC/USD stale (>3600s/82800s) → Morpho lending vault borrows/repays revert — MEDIUM (operational, not principal loss). (5) LaPoste/CCIP failure → Votemarket L2 claims interrupted, SDT cross-chain transfers paused — LOW-MEDIUM (reward distribution delay, no TVL loss). (6) Convex Booster failure → degraded yield (lower boost), no principal loss — LOW. Major dependencies documented; Balancer/Frax/Pendle veToken locker dependencies not individually enumerated. Yellow: major deps documented with impact severity; minor locker deps (FXS, PENDLE, etc.) not individually enumerated.
RD-F-057 yellow Circuit breaker on price deviation No explicit price-deviation circuit breaker (maxDeviationBps pattern) found in Morpho lending oracle adapters. BaseOracle.sol implements staleness check (revert on stale or non-positive price) but no inter-block deviation guard. Core locker path: not applicable (oracle-free). Yellow: staleness check present; no deviation circuit breaker found in source.
RD-F-058 yellow Max-deviation threshold (bps) No circuit breaker (F057 yellow) → no max-deviation threshold to evaluate. Factor not applicable given F057 finding. Yellow follows from F057.
RD-F-060 yellow Chainlink aggregator min/max bound misconfig Major Chainlink blue-chip feeds used (ETH/USD, BTC/USD, USDC/USD, LINK/USD). ETH/USD (0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419) is the canonical Ethereum mainnet feed with well-established minAnswer/maxAnswer bounds. Trust Security 2025-08 audit covered misc Curve oracles and presumably reviewed feed configuration; no bound-misconfig finding flagged in profile. RPC-level minAnswer/maxAnswer not independently verified in this session. Yellow: major feeds used with audit coverage; RPC-level bounds not independently verified.
RD-F-062 yellow External keeper/relayer not redundant Multiple internal keeper/automation contracts: All Might (0x0000000a3Fc396B89e4c11841B39D9dff85a5D05), All Might V2 (0x9B3C89f4bfda2b07E15A7cF45C3F092b4b3ca074), Botmarket (0xADfBFd06633eB92fc9b58b3152Fe92B0A24eB1FF), Automation (0x90569D8A1cF801709577B24dA526118f0C83Fc75). No Chainlink Automation or Gelato dependency detected (data cache layerzero.present=false; no third-party keeper listed in profile). Two All Might versions suggest version-based redundancy. Core locker operations (deposit, withdraw) are permissionless — keeper failure delays harvest automation but does not halt principal operations. Yellow: multiple internal keepers present but not independently operated; whether they are truly independent vs centrally managed ops team is unverified.
RD-F-180 yellow Immutable oracle address SOURCE-CONFIRMED IMMUTABILITY in Morpho lending vault oracle adapters (peripheral module). OracleChainlinkAdapter.sol: declares 'IOracle public immutable ORACLE' with no admin setter function — oracle address cannot be changed post-deployment. CurvePriceFeedChainlinkAdapter.sol: declares 'ICurvePriceFeed public immutable CURVE_PRICE_FEED' with no admin setter. BaseOracle.sol: feed addresses set in constructor, no admin setter found (WebFetch confirmed). However: (1) the immutability is in peripheral Morpho lending vaults, NOT the core $160M liquid locker; (2) core locker path is oracle-free — F180 cannot fire there; (3) Morpho's market architecture means remediation is a new market deployment with updated oracle (feasible governance action); (4) Trust Security 2025-08 audit specifically covered these oracle adapters. Yellow scored (not red) because the immutability is in a peripheral subsystem with limited TVL exposure relative to total protocol TVL. FLAG FOR ORCHESTRATOR: F180 IS ★ cr
RD-F-048 green Oracle providers used Core liquid locker path (VoterBase, DepositorBase, AccumulatorBase, CurveStrategy, Strategy) uses ZERO price oracles — source-verified across 6 contracts. Peripheral Morpho lending vault path uses Chainlink push-oracle feeds (19 feeds in data cache: ETH/USD, USDC/USD, BTC/USD, LINK/USD, etc.) via custom Curve-LP oracle adapters (OracleChainlinkAdapter, CurveStableswapOracle, CurveCryptoswapOracle). Oracle architecture cleanly separated: core locker is oracle-free; Morpho lending vaults consume Chainlink with documented staleness checks. Trust Security 2025-08 audit specifically covered Stake DAO misc Curve oracles.
RD-F-053 green Oracle source = spot DEX pool (no TWAP) ZERO spot DEX oracle usage found across all source-verified core contracts. VoterBase.sol: no oracle calls (vote_for_gauge_weights only). DepositorBase.sol: no oracle calls (token transfers and lock operations only). AccumulatorBase.sol: no oracle calls (reward split and gauge deposit). CurveStrategy.sol: no oracle calls (Minter.mint_for, gauge.deposit/withdraw). Strategy.sol: no oracle calls (sidecar delegation and ERC20 operations). SDToken.sol: no oracle calls (ERC20 mint/burn). Peripheral Morpho lending adapters use Chainlink push-oracle (not spot DEX pool). Pipeline's 19 Chainlink feeds confirmed as peripheral lending module feeds, not core locker feeds. F053 ★ GREEN — consistent with Curve/Convex vote-aggregator architecture class where all accounting is in token-quantity units without price discovery.
RD-F-054 green TWAP window duration Protocol does not use DEX-TWAP oracles. Morpho lending vault adapters use Chainlink push-oracle exclusively (not TWAP). Source inspection of CurveCryptoswapOracle, CurveStableswapOracle, OracleChainlinkAdapter confirms Chainlink-only; no UniswapV3 OracleLibrary.consult() or Uniswap TWAP calls found. Factor is N/A (green per taxonomy when protocol does not use TWAP oracles).
RD-F-055 green Oracle pool depth (USD) Protocol does not use DEX pool oracles (no TWAP oracle, no DEX pool pricing). Morpho lending adapters use Chainlink push-oracle feeds. DEX pool depth is irrelevant to Chainlink oracle security. Factor is N/A (green per taxonomy when protocol does not use DEX-TWAP oracle).
RD-F-056 green Single-pool oracle (no medianization) Chainlink push-oracle feeds are inherently multi-node aggregated (not single-pool). CurveCryptoswapOracle uses conservative minimum pricing across pool assets via Chainlink hop chains — not a single-pool reading. CurvePriceFeedChainlinkAdapter uses Curve's internal lp_price() for LP valuation (EMA-based, not single-block spot). No single-DEX-pool oracle without cross-validation found. Green: multi-source Chainlink aggregation architecture.
RD-F-059 green Oracle staleness check present BaseOracle.sol enforces staleness check: require(latestPrice > 0 && updatedAt > block.timestamp - maxStale, InvalidPrice()). Per-feed maxStale heartbeat configured at construction. Data cache confirms: ETH/USD (0x5f4eC3Df...) heartbeat 3600s (deviation 0.5%), USDC/USD (0x8fFfFfd4...) heartbeat 82800s, BTC/USD (0xF4030086...) heartbeat 3600s. ETH/USD 3600s is within the taxonomy green threshold (≤3600s for volatile assets). USDC/USD 82800s is appropriate for a stablecoin (slow-moving asset). Core locker path: oracle-free, not applicable.
RD-F-061 green LP token balanceOf used for pricing LP token balanceOf not used in price path. CurveCryptoswapOracle calls Curve's lp_price() function (EMA-based virtual price, manipulation-resistant) for LP token valuation, then converts via Chainlink hop chain. No raw balanceOf call in price calculation path found in any oracle adapter. Core locker: oracle-free.
RD-F-181 green Permissionless-pool lending oracle Not applicable — Stake DAO's Morpho lending vault oracles use Chainlink push-oracle feeds (not permissionlessly-created DEX pools). Morpho Blue uses an immutable oracle-per-market model where the oracle is specified at market creation (governance-controlled), not from a permissionless pool factory. CurveCryptoswapOracle uses Chainlink hop chains and Curve's lp_price() — both are established, non-permissionless sources. No Uniswap v2/v3 factory without filters, no permissionless pool acceptance pattern detected. Green: architecture incompatible with permissionless-pool oracle acceptance.
Economic risk Green 17 13 of 13
RD-F-065 yellow Liquidity depth per major asset sdCRV/CRV Curve pool (primary secondary-market exit for the largest liquid locker, pool 0xf7b55c3732ad8b2c2da7c24f30a69f55c54fb717) holds only $507.81 in TVL with approximately 2 transactions in 24 hours and ~$20-77K daily volume (variable). Exchange rate: approximately 1 sdCRV = 0.615 CRV (38.5% discount to 1:1 peg). sdCRV price ~$0.157 USD; CRV ~$0.255 USD. This pool is the sole exit mechanism for sdCRV holders — there is no protocol-operated redemption path. A $50K exit would exceed total pool TVL by 100x, resulting in near-total price impact. sdCRV circulating supply 119,049,300 tokens (~$18.7M), while pool depth is $508 — ratio of pool/supply = 0.003%. Structural depeg documented at 50-70% peg range for Curve-ecosystem liquid lockers (Curve Finance analysis, paragraph.com). This is yellow (not red) because (a) the protocol explicitly discloses exit-via-DEX-only architecture and (b) staking rewards (8% of LP strategy fees) and SDT emissions partially offset economic loss for holder RD-F-064 gray TVL concentration (top-10 wallet share) On-chain wallet-level deposit concentration for Stake DAO strategy vaults and liquid lockers is not accessible without a dedicated subgraph query or Dune dashboard. Dune queries are blocked (403 per process-learnings). Etherscan shows 501 sdCRV token holders, but this measures token holder distribution not vault depositor concentration. Ethereum holds 93.3% of total TVL by chain, which is chain concentration (structural — primary chain hosting all core contracts), not wallet concentration. No deposit concentration figure can be produced without programmatic tooling. RD-F-066 n/a Utilization rate (lending protocols) Stake DAO is a Curve-ecosystem vote-aggregator and yield meta-layer (protocol category: YIELD), not a lending protocol. No borrow/supply markets exist in the core protocol. 
Morpho lending vaults are peripheral deployments on third-party Morpho Blue infrastructure, not Stake DAO's own lending surface. Per PD-024: utilization rate is a lending-only factor.
RD-F-067 n/a Historical bad-debt events No lending markets in the core protocol; no collateral mechanism; no bad debt mechanism. Per PD-024: historical bad debt events is a lending-only factor. Stake DAO's liquid lockers lock tokens permanently with no liquidation path — there is no concept of under-collateralization in this architecture.
RD-F-068 n/a Collateralization under stress No collateralized borrowing in the core protocol. The liquid locker model deposits governance tokens into veToken contracts (Curve VotingEscrow, Balancer VotingEscrow, etc.) permanently; these positions cannot be liquidated. Collateralization ratio as a stress-scenario metric does not apply. Per PD-024: collateralization ratio is lending-only.
RD-F-069 n/a Algorithmic / under-collateralized stablecoin Stake DAO does not issue a stablecoin. SDT is a governance token (100M hard cap, no peg mechanism). sdCRV, sdBAL, sdFXS, sdPENDLE are governance-token derivatives with floating secondary-market prices — not stablecoins. Per PD-024: algorithmic stablecoin design is a lending-only factor.
RD-F-070 n/a Empty cToken-style market (zero supply/borrow) Stake DAO is not a Compound V2 fork and has no cToken-style lending markets. The taxonomy scopes RD-F-070 exclusively to Compound-fork protocols (03-taxonomy.md §Category 4: 'Compound-fork-only (subset of lending-only): RD-F-070 — N/A for non-Compound-fork protocols'). The liquid locker contracts (CurveYCRVVoter etc.) permanently lock governance tokens into veToken contracts; there is no share/totalSupply accounting model that could be exploited via donation. The ERC-4626 RewardVault (staking v2) is a yield-aggregation reward wrapper, not a lending market. Profile confirms original protocol, not a fork.
RD-F-071 n/a Seed-deposit requirement for new market listing No market listing mechanism exists in the core protocol. Liquid lockers accept open deposits without a seed-deposit requirement. Per PD-024: seed-deposit requirement for new-market listing is a lending-only factor.
RD-F-072 n/a Market-listing governance threshold No Compound-style market listing governance threshold. New liquid locker token types require governance approval (Snapshot vote), but this is protocol expansion governance, not a borrow-market listing threshold with economic safety implications. Per PD-024: market-listing governance threshold is a lending-only factor.
RD-F-073 n/a Oracle-manipulation-proof borrow cap No oracle-dependent borrow cap mechanism. Liquid lockers have no borrow functionality. Strategy vaults are capacity-constrained by Curve gauge liquidity, not oracle-dependent caps. Per PD-024: oracle-manipulation-proof borrow cap is a lending-only factor. Profile §7 notes oracle usage is limited to peripheral Morpho lending vault strategies, not core locker or strategy paths.
RD-F-074 n/a ERC-4626 virtual-share offset (OZ ≥4.9) Per PD-024, ERC-4626 vault virtual-share offset is a lending-specific factor. Stake DAO's RewardVault (ERC-4626) at 0x74D8dd40118B13B210D0a1639141cE4458CAe0c0 is a yield-aggregation / staking reward wrapper, not a lending market. Source verification confirmed no virtual decimals offset (_decimalsOffset) is implemented in the RewardVault — noted for transparency but does not change the not_applicable classification because the vault is not a lending market. Multiple audits (Trust Security 2025-04, Pashov 2025-08, Omniscia 2025-05/09) cover staking v2 and do not flag first-depositor inflation attacks, consistent with the vault's non-lending classification.
RD-F-075 n/a First-depositor / share-inflation guard Per PD-024, first-depositor guard is a lending-specific factor. Strategy vaults are yield-aggregation products, not lending markets. No first-depositor inflation attack vector exists in the liquid locker architecture (deposits lock into external veToken contracts, not into share-based pool accounting). LlamaRisk risk assessment did not identify first-depositor risk in the locker architecture. Scored not_applicable consistent with protocol-type classification.
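The share-inflation arithmetic that RD-F-074 and RD-F-075 refer to, shown as an added worked example rather than anything from the page or from Stake DAO's code, and not a finding against the RewardVault, which the rubric scores not_applicable. The Vault4626 helper, the attacker/victim labels and all amounts are constructed; the model runs the classic first-depositor sequence (1 wei deposit, donation, victim deposit, both exit) under the pre-4.9 formula, under the OpenZeppelin 5.x formula with _decimalsOffset() == 0, and with an offset of 6, so the reader can see what the offset actually buys.

```python
"""ERC-4626 share-inflation arithmetic with and without OpenZeppelin's
virtual-share offset (_decimalsOffset, OZ >= 4.9).

Added example for RD-F-074/075. Generic model of the mechanism; not Stake DAO
code and not a claim about RewardVault. Amounts are constructed 18-decimal wei.
"""
from dataclasses import dataclass, field


@dataclass
class Vault4626:
    """Minimal ERC-4626 accounting.

    naive=True  : pre-4.9 style, shares = assets * totalSupply / totalAssets
                  (1:1 on an empty vault), no virtual shares or assets.
    naive=False : OZ 5.x style,
                  shares = assets * (totalSupply + 10**offset) / (totalAssets + 1)
                  assets = shares * (totalAssets + 1) / (totalSupply + 10**offset)
    All divisions floor, as mulDiv(..., Rounding.Floor) does on-chain.
    """
    naive: bool = False
    offset: int = 0
    total_assets: int = 0      # what asset.balanceOf(vault) would return
    total_supply: int = 0
    balances: dict = field(default_factory=dict)

    def to_shares(self, assets: int) -> int:
        if self.naive:
            if self.total_supply == 0:
                return assets
            return assets * self.total_supply // self.total_assets
        return assets * (self.total_supply + 10 ** self.offset) // (self.total_assets + 1)

    def to_assets(self, shares: int) -> int:
        if self.naive:
            if self.total_supply == 0:
                return 0
            return shares * self.total_assets // self.total_supply
        return shares * (self.total_assets + 1) // (self.total_supply + 10 ** self.offset)

    def deposit(self, who: str, assets: int) -> int:
        shares = self.to_shares(assets)
        self.total_assets += assets
        self.total_supply += shares
        self.balances[who] = self.balances.get(who, 0) + shares
        return shares

    def donate(self, assets: int) -> None:
        """Plain ERC-20 transfer to the vault, bypassing deposit(): totalAssets
        rises while totalSupply does not, so the price per share jumps."""
        self.total_assets += assets

    def redeem_all(self, who: str) -> int:
        shares = self.balances.pop(who, 0)
        assets = self.to_assets(shares)
        self.total_supply -= shares
        self.total_assets -= assets
        return assets


def first_depositor_attack(naive: bool, offset: int = 0, victim_deposit: int = 10**22) -> dict:
    """Attacker deposits 1 wei, donates victim_deposit, victim deposits
    victim_deposit, attacker exits, then victim exits."""
    vault = Vault4626(naive=naive, offset=offset)
    vault.deposit("attacker", 1)
    vault.donate(victim_deposit)
    victim_shares = vault.deposit("victim", victim_deposit)
    attacker_out = vault.redeem_all("attacker")
    victim_out = vault.redeem_all("victim")
    return {
        "victim_shares": victim_shares,
        "victim_loss": victim_deposit - victim_out,
        "attacker_profit": attacker_out - (1 + victim_deposit),
    }


if __name__ == "__main__":
    print("pre-4.9, no virtual shares:", first_depositor_attack(naive=True))
    print("OZ 5.x, offset 0:          ", first_depositor_attack(naive=False, offset=0))
    print("OZ 5.x, offset 6:          ", first_depositor_attack(naive=False, offset=6))
```

Under the pre-4.9 formula the victim receives zero shares and the attacker walks away with the victim's full deposit. With the OZ 5.x formula and offset 0 the attack is no longer profitable (the attacker loses roughly a third of the donation to the virtual shareholder), but the victim still loses roughly a third of their deposit, which is why a vault that omits the offset is usually paired with another mitigation such as a protocol-seeded first deposit. With an offset of 6 the victim's loss falls to a few parts in ten million of the deposit and the attacker loses about half of the capital they put in.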
RD-F-063 green TVL (current + 30d trend) TVL $160.28M as of 2026-05-16 (verified against orchestrator brief $160M within ±20%). 30-day change -9.26%; 1-day change -1.3%. Trailing 90-day CoV 0.078 (mean $162.5M, std $12.7M). Sustained but not collapsing downtrend from ~$176M in mid-February 2026. ATH $450.3M (January 2022). Protocol exceeds $100M coverage threshold. TVL is real and on-chain across a diverse chain set (Ethereum 93.3%, Base 4.3%, Arbitrum 1.0%, Fraxtal 1.0%, others <1%).
Operational history Green 15 15 of 15
RD-F-089 red Insurance coverage active No protocol-level insurance coverage active. OpenCover/Nexus Mutual integration (Oct 2025) enables users to individually purchase coverage for their positions — this is opt-in user-side insurance, not a protocol-operated fund underwriting aggregate TVL ($160M). The 2021 Nexus Mutual Shield Mining partnership established a coverage marketplace (10,000 SDT incentives to NXM stakers) but is not protocol-operated coverage. No Sherlock coverage contest found. No protocol treasury allocation to an insurance fund confirmed in governance reports. Structural gap at $160M TVL.
RD-F-088 yellow Re-deployed to new addresses in last year vlSDT (0x94818A7baa7e9F5dC62ce4da1B52ef9a760b80B8) deployed 2026-04-15, about a month before the 2026-05-16 assessment date, as the governance architecture migration from veSDT. Trust Security audit covers vlSDT (2026-03). Staking v2 infrastructure is also being progressively deployed per SDGP-55. Core locker contracts (CurveYCRVVoter, sdCRV) are unchanged. Yellow: new governance contract in the last year with audit coverage — not a full TVL-carrying redeployment, but a new production surface introduced within the scope window.
RD-F-166 yellow Deprecated contracts still holding value veSDT (0x0C30476f66034E11782938DF8e4384970B6c9e8a) is subject to an ongoing migration to vlSDT per SDGP-63 (vlSDT launched April 2026). Phase 4 'progressive deactivation of veSDT for new operations' has not yet been reached; no forced migration executed; residual veSDT positions persist. The deprecation announcement exists and migration is underway, but it is incomplete — not a fully completed sunset. Residual locked SDT balance in veSDT is unquantified from on-chain read (curator follow-up: on Curve VotingEscrow-style contracts totalSupply() returns decaying voting power, not locked tokens, so read the escrow's locked-supply variable or SDT.balanceOf(veSDT) instead). Yellow: announced migration in progress with residual locked value, not yet a completed deprecated surface with confirmed >$100K stuck value.
RD-F-081 n/a Post-exploit response score No prior exploits — post-exploit response score is structurally inapplicable. Factor is not_applicable, not gray: clean incident history is confirmed, not merely unresearched. RD-F-082 n/a Post-mortem published within 30 days No prior exploits — post-mortem publication is structurally inapplicable. Note: Stake DAO maintains an active audit publication practice (15 engagements publicly on GitHub), demonstrating transparency culture, but no incident post-mortem is applicable. RD-F-083 n/a Auditor re-engaged after last exploit No prior exploits — auditor re-engagement after exploit is structurally inapplicable. Protocol maintains a proactive ongoing audit program (15 engagements, most recent Trust Security Mar 2026 for vlSDT) but this is not triggered by an incident. RD-F-085 n/a Incident response time (minutes) No prior incidents — incident response time is structurally inapplicable. Cannot measure time from exploit to first statement without an exploit.
RD-F-076 green Protocol age (days) CurveYCRVVoter contract 0x52f541764E6e90eeBc5c21Ff570De0e2D63766B6 deployed 2021-01-20 per Etherscan (labeled 'Stake DAO: CurveYCRVVoter', created by 'Stake DAO: Deployer'). Days from 2021-01-20 to 2026-05-16 = approximately 1,942 days (~64 months). Green threshold is ≥365 days.
RD-F-077 green Prior exploit count 0 confirmed Stake DAO-native exploits. Rekt.news 'stake rekt' (2023-09-04, $41.6M) is Stake.com casino — confirmed false positive via article content ('Stake, an on-chain casino platform backed by Drake'). hacksdatabase SDT entries (zunami-protocol-rekt.md, zunami-protocol-rekt2.md) involve SDT token as attack tool against Zunami Protocol, not a Stake DAO exploit. DefiLlama hacks API returns hacks: [] for slug stake-dao. No Stake DAO-native loss event found in any source.
RD-F-078 green Chronic-exploit flag (≥3 incidents) 0 incidents confirmed (derived from F077). Chronic flag requires ≥3 incidents — does not fire.
RD-F-079 green Same-root-cause repeat exploit 0 incidents confirmed (derived from F077). Same-root-cause repeat requires ≥2 incidents — does not fire.
RD-F-080 green Days since last exploit No prior exploits — days-since-last metric is undefined. Per methodology: green = >365 days or no incidents. 0 incidents qualifies as green.
RD-F-084 green TVL stability (CoV over 90d) 90-day TVL CoV = 0.078 (mean $162.5M, std $12.7M per data cache). Green threshold is CoV <0.15. The protocol shows stable TVL despite a modest declining trend (-9.26% over 30d from ~$176M to ~$160M). CoV 0.078 is well within the green band — consistent yield-aggregator operations across the 90-day window.
RD-F-086 green Pause activations (trailing 12 months) No pause activation events identified for Stake DAO core contracts in the trailing 12 months (2025-05-16 to 2026-05-16) from available public sources (data cache, governance forum activity reports, Etherscan contract review). Protocol has maintained continuous operation across its 64-month live span. Curator should confirm via Paused()/Unpaused() event log scan on 0x52f541764E6e90eeBc5c21Ff570De0e2D63766B6 and 0x0C30476f66034E11782938DF8e4384970B6c9e8a.
RD-F-087 green Pause > 7 consecutive days No pause events identified in trailing 12 months (consistent with F086 = 0 pause activations). The 7-consecutive-days threshold cannot have been triggered. Continuous operation since 2021-01-20 confirmed from governance reports and protocol activity.
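The event-log scan that RD-F-086 asks the curator to run, with the RD-F-087 seven-day check computed from the same logs, as an added example that is not part of the rubric's own tooling. It assumes the two contracts named in RD-F-086 emit OpenZeppelin-style Paused(address)/Unpaused(address) events (the topic hashes below are the standard OZ Pausable signatures; a contract with a differently named pause event needs its own topic0), and the SAMPLE_LOGS and OPEN_PAUSE_LOGS entries are constructed, not on-chain data.

```python
"""Paused()/Unpaused() event-log scan behind RD-F-086 (activations, trailing 12
months) and RD-F-087 (any pause longer than 7 consecutive days).

Added example, not the rubric's own tooling. Topic hashes are the standard
OpenZeppelin Pausable event signatures; the two addresses are the ones named in
RD-F-086; SAMPLE_LOGS / OPEN_PAUSE_LOGS are constructed, not on-chain data.
"""
import json

# keccak256("Paused(address)") and keccak256("Unpaused(address)"), OZ Pausable
PAUSED = "0x62e78cea01bee320cd4e420270b5ea74000d11b0c9f74754ebdbfc544b05a258"
UNPAUSED = "0x5db9ee0a495bf2e6ff9c91a7834c1ba4fdd244a5e8aa4e537bd38aeae4b073aa"
DAY = 86_400

WATCHED = [
    "0x52f541764E6e90eeBc5c21Ff570De0e2D63766B6",  # CurveYCRVVoter
    "0x0C30476f66034E11782938DF8e4384970B6c9e8a",  # veSDT proxy
]


def get_logs_filter(from_block: int, to_block: int, addresses=WATCHED) -> dict:
    """eth_getLogs filter object. A nested list in topics[0] means
    'topic0 is PAUSED or UNPAUSED'; the address list ORs the contracts."""
    return {
        "fromBlock": hex(from_block), "toBlock": hex(to_block),
        "address": [a.lower() for a in addresses],
        "topics": [[PAUSED, UNPAUSED]],
    }


def get_logs_request(from_block: int, to_block: int) -> str:
    """Full JSON-RPC body to POST at an Ethereum node."""
    return json.dumps({"jsonrpc": "2.0", "id": 1, "method": "eth_getLogs",
                       "params": [get_logs_filter(from_block, to_block)]})


def pause_windows(logs) -> dict:
    """Pair each Paused with the next Unpaused per contract, in block order.
    Each log must carry a block 'timestamp' (unix seconds); eth_getLogs does
    not return one, so join it from eth_getBlockByNumber before calling."""
    windows = {}
    ordered = sorted(logs, key=lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16)))
    for log in ordered:
        per = windows.setdefault(log["address"].lower(), [])
        if log["topics"][0] == PAUSED:
            per.append([log["timestamp"], None])
        elif log["topics"][0] == UNPAUSED and per and per[-1][1] is None:
            per[-1][1] = log["timestamp"]
    return windows


def score(logs, now_ts: int) -> dict:
    """RD-F-086 activation count and RD-F-087 longest pause in days; a Paused
    with no matching Unpaused is still open and is measured up to now_ts."""
    windows = pause_windows(logs)
    activations = sum(len(per) for per in windows.values())
    longest = 0.0
    for per in windows.values():
        for start, end in per:
            longest = max(longest, ((end if end is not None else now_ts) - start) / DAY)
    return {"activations": activations, "longest_pause_days": longest, "over_7d": longest > 7}


NOW = 1_779_000_000  # constructed "assessment time" for the sample
# Paused(address account): account is not indexed, so it sits in data, not topics
ACCOUNT_DATA = "0x" + "00" * 12 + "ab" * 20
SAMPLE_LOGS = [  # constructed: one 2-day pause on the veSDT proxy, nothing on the voter
    {"address": WATCHED[1].lower(), "blockNumber": "0x16e3600", "logIndex": "0x3",
     "topics": [PAUSED], "data": ACCOUNT_DATA, "timestamp": NOW - 40 * DAY},
    {"address": WATCHED[1].lower(), "blockNumber": "0x16e4a00", "logIndex": "0x0",
     "topics": [UNPAUSED], "data": ACCOUNT_DATA, "timestamp": NOW - 38 * DAY},
]
OPEN_PAUSE_LOGS = SAMPLE_LOGS + [  # constructed: a still-open pause started 10 days ago
    {"address": WATCHED[0].lower(), "blockNumber": "0x1700000", "logIndex": "0x1",
     "topics": [PAUSED], "data": ACCOUNT_DATA, "timestamp": NOW - 10 * DAY},
]

if __name__ == "__main__":
    print(get_logs_request(22_000_000, 24_885_681))
    print(score(SAMPLE_LOGS, NOW))      # 1 activation, 2.0 days, over_7d False
    print(score(OPEN_PAUSE_LOGS, NOW))  # 2 activations, 10.0 days, over_7d True
```

The block range should be resolved from the two timestamps bounding the trailing 12 months (binary search over eth_getBlockByNumber, or any block-explorer timestamp endpoint); public RPC endpoints usually cap eth_getLogs at a few thousand blocks per call, so the window has to be chunked.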
Real-time signals Green 0 22 of 22
RD-F-092 gray Unusual mempool pattern from deployer wallet T-09 v2-deferred signal. Deployer wallet 0x000755Fbe4A24d7478bfcFC1E561AfCE82d1ff62 is identifiable on Etherscan. Subsequent funding from governance multisig and CoW Protocol GPv2Settlement is consistent with normal protocol operations. No anomalous deploy sequence detected in public data. Live mempool monitoring pipeline with deployer behavioral baseline model not yet implemented — signal is structurally gray for all T-10 assessments.
RD-F-093 gray Abnormal gas-price willingness from attacker wallet T-09 v2-deferred signal. Requires live mempool stream with per-block EMA gas-price baseline. No labeled attacker wallet interacting with Stake DAO at ≥5x EMA gas premium detected in public data. Signal is structurally gray — live mempool monitoring with gas-price anomaly detection not implemented.
RD-F-096 gray New ERC-20 approval to unverified contract from whale T-09 v2-deferred signal. Requires per-user allowance monitoring pipeline for sdCRV, SDT, and LP token approvals. No high-TVL whale approval to an unverified contract interacting with Stake DAO detected in public data. Pipeline not implemented.
RD-F-103 n/a Bridge signer-set change proposed/executed T-09 v1 launch signal (tier-A). Not applicable — Stake DAO has no user-facing cross-chain bridge for TVL. LaPoste (0xF0000058000021003E4754dCA700C766DE7601C2) is a CCIP-based reward-distribution mechanism for Votemarket campaign claims, not a signer-set bridge in the governance sense. Per-chain strategy deployments are independent with no protocol-operated cross-chain bridge. Data cache: has_bridge_surface = false, layerzero_bridge = false, layerzero.present = false. Profile §7 confirms 'is_a_bridge: false'. RD-F-103 does not fire for non-bridge protocols.
RD-F-106 n/a Cross-chain bridge unverified mint pattern T-09 phase-2 signal (v2-deferred in T-09 classification). Not applicable — Stake DAO has no user-facing cross-chain bridge for TVL. LaPoste is a CCIP-based reward distribution mechanism, not a user TVL bridge. Data cache: layerzero.present = false; has_bridge_surface = false. Cross-chain deposit-without-proof pattern is not an applicable signal for this protocol architecture.
RD-F-107 gray Admin EOA signing from new geography/device T-09 v2-deferred signal. Requires off-chain admin signing telemetry with device/geography fingerprinting — structurally inaccessible without team opt-in. Stake DAO governance multisig (0xf930ebbd) executes on-chain; signing keys are not geography-tagged in any public data source. Practically ungatherable for any EVM multisig-governed protocol without team integration.
RD-F-108 gray GitHub force-push to sensitive branch T-09 v2-deferred signal. contracts-monorepo is public (github_private = false per data cache). Last commit 2026-05-13. No GitHub security advisory or force-push incident detected in public data. Active development (2,190 commits per profile). GitHub webhook monitoring pipeline not implemented for production. Signal cannot be assessed in live mode without a GitHub API webhook subscription.
RD-F-109 gray Social-media impersonation scam spike T-09 v2-deferred signal. No specific Stake DAO brand impersonation scam-spike detected in 2024-2025 OSINT search. CertiK Skynet does not flag active impersonator domains for Stake DAO. Social monitoring pipeline not implemented. Signal structurally gray — no social-media monitoring stack deployed.
RD-F-110 gray Unusual pending/executed proposal ratio T-09 v2-deferred signal. Stake DAO governance uses Snapshot (off-chain) + multisig; not a standard OpenZeppelin Governor with on-chain proposal enumeration. Snapshot space stakedao.eth has standard proposal cadence (SDGP-66, SDGP-67 recent). No anomalous proposal ratio detected in public data. On-chain governor subgraph monitoring not implemented. Signal structurally limited by hybrid governance architecture.
RD-F-090 green Mixer withdrawal → protocol interaction T-09 phase-2 signal (tier-C, advisory-only). No wallet matching the mixer-withdrawal + protocol-interaction + ≥2-attribution-source profile detected touching Stake DAO core contracts. Deployer wallet (0x000755Fbe4A24d7478bfcFC1E561AfCE82d1ff62) funded by protocol governance multisig system, not a mixer. Zunami Aug 2023 attacker used Tornado Cash AFTER the exploit as laundering venue — this is adversarial-venue-use (U4 passive-venue rule, does not trigger RD-F-090 which requires prospective mixer-funded wallet interacting with the protocol). No Tornado Cash interactions on governance multisig 0xf930ebbd or deployer wallet detected. Signal would not fire today.
RD-F-091 green Partial-drain test transactions T-09 v2-deferred signal (folded into RD-F-098 tier-B precursor rule). No partial-drain test transaction pattern detected. TVL decline of -9.26% over 30 days is gradual organic flow consistent with Curve ecosystem-wide TVL trends, not a step-function drain sequence. DefiLlama daily TVL series shows smooth decline from ~$176M (Feb 2026) to ~$160M (May 2026) with no abrupt step-function outflows to unknown EOA addresses. Signal would not fire today.
RD-F-094 green New contract with similar bytecode to exploit template T-09 v2-deferred signal. No new contract deployment matching Stake DAO locker or strategy contract bytecode fingerprints detected in public data. Curve ecosystem has analogous locker patterns (Convex, Yearn, Stake DAO) but none detected as a fresh attacker-deployed exploit template specifically targeting Stake DAO's contracts in the last 90 days. No OSINT result surfaces a known-exploit-template deployment targeting Stake DAO architecture.
RD-F-095 green Known-exploit function-selector replay T-09 v2-deferred signal. No active known-exploit-template selector replay targeting Stake DAO core contracts detected. The Zunami exploit used SDT pool slippage via Sushiswap to manipulate Zunami's totalHoldings() price function — the exploit selector targets Zunami's oracle path, not Stake DAO's contracts. Stake DAO's liquid locker contracts are not the target of any documented active replay pattern. Morpho lending vault modules use standard Chainlink feeds with normal deviation thresholds.
RD-F-097 green Sybil surge of identical-pattern transactions T-09 v2-deferred signal. No sybil transaction surge detected targeting Stake DAO's Votemarket or locker contracts. Votemarket V2 uses on-chain bribe campaigns with Merkle distributor — not directly susceptible to EOA-sybil voting (vlSDT governance requires prior time-lock per SDGP-66 framework, not permissionless). No clustering anomaly detected in public data.
RD-F-098 green TVL anomaly — % drop in <1h T-09 v1 launch signal (tier-A, instant grade flip). TVL $160.3M as of 2026-05-16. 90-day CoV = 0.078 (mean $162.5M, std $12.7M) — stable. 30d change -9.26% is gradual organic decline, not anomalous. 1d change -1.3% is well within normal volatility. Primary condition threshold (TVL_now/TVL_baseline_30d < 0.70 in 60-min window) not breached. No sub-hour anomalous TVL drop pattern in daily series. Signal not firing today.
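The three TVL-series checks cited above (RD-F-084's 90-day CoV, RD-F-091's step-function-versus-gradual distinction, and RD-F-098's sub-hour drop rule), as an added worked example that is not the rubric's data pipeline. The reading of the RD-F-098 rule is an assumption: the alert fires when TVL falls by more than 30% of the 30-day baseline between two samples no more than 60 minutes apart, which a slow decline never triggers even if it eventually crosses the same level. The DAILY, FLAT, DRAIN and SLOW series and the 165.0 baseline are constructed for the demonstration and do not reproduce the page's own figures.

```python
"""TVL series checks behind RD-F-084 (90-day CoV), RD-F-091 (step-function
drain vs gradual outflow) and RD-F-098 (>30% drop within 60 minutes).

Added example; not the rubric's data pipeline. The rule reading for RD-F-098
(a fall of more than 30% of the 30-day baseline between two samples at most
60 minutes apart) is an assumption. Every series below is constructed.
"""
import statistics


def cov(series) -> float:
    """Population std / mean over the series (the RD-F-084 metric); green is < 0.15."""
    return statistics.pstdev(series) / statistics.fmean(series)


def largest_daily_step(daily) -> float:
    """Largest day-over-day fractional drop. A drain shows up as one big step;
    organic outflow as many small ones (RD-F-091)."""
    worst = 0.0
    for prev, cur in zip(daily, daily[1:]):
        worst = max(worst, (prev - cur) / prev)
    return worst


def sub_hour_drop(samples, baseline_30d, window_min=60, threshold=0.30):
    """samples: [(minute, tvl)] sorted by minute. Returns the first minute at
    which TVL sits more than threshold * baseline_30d below the highest sample
    within the preceding window_min minutes, or None if the rule never fires."""
    for j, (t_j, tvl_j) in enumerate(samples):
        lo = j
        while lo > 0 and t_j - samples[lo - 1][0] <= window_min:
            lo -= 1                                   # walk back to the window edge
        peak = max((tvl for _, tvl in samples[lo:j]), default=tvl_j)
        if (peak - tvl_j) / baseline_30d > threshold:
            return t_j
    return None


# 90 daily points (USD millions): linear drift 176 -> 160 with a +/-1.5 wobble (constructed)
DAILY = [176.0 - 16.0 * i / 89 + 1.5 * (-1) ** i for i in range(90)]
DAILY_DRAIN = DAILY + [DAILY[-1] * 0.5]               # same series plus a one-day halving

BASELINE = 165.0                                      # constructed 30-day baseline
FLAT = [(m, 160.0) for m in range(240)]               # four hours, nothing happens
DRAIN = [(m, 160.0 if m < 100 else 100.0) for m in range(240)]   # step down at minute 100
SLOW = [(m, 165.0 - 55.0 * m / 4319) for m in range(4320)]       # same 33% fall over 3 days


if __name__ == "__main__":
    print("CoV 90d:", round(cov(DAILY), 4), "largest daily step:", round(largest_daily_step(DAILY), 4))
    print("drain series largest step:", round(largest_daily_step(DAILY_DRAIN), 2))
    for name, series in (("flat", FLAT), ("drain", DRAIN), ("slow", SLOW)):
        print(name, "->", sub_hour_drop(series, BASELINE))
```

The CoV is deliberately insensitive to a smooth trend (the constructed series drifts 9% and still scores well under 0.15), which is exactly why RD-F-084 and RD-F-098 are separate factors: the first measures dispersion over a quarter, the second measures speed of loss within an hour, and a drain that would trip the second barely moves the first on the day it happens.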
RD-F-099 green Oracle price deviation >X% from secondary T-09 phase-2 signal (tier-B). Applicable to Morpho lending vault modules (19 Chainlink feeds detected in data cache). Core liquid locker/sdToken path does not consume price oracle. No oracle deviation on Chainlink ETH/USD (0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419, heartbeat 3600s, 0.5% threshold), BTC/USD, USDC/USD, or USDT/USD feeds detected as of 2026-05-16. Signal not firing today. Production secondary-source mapping pipeline not yet implemented.
RD-F-100 green Flash loan >$10M targeting protocol tokens T-09 phase-2 signal (tier-B, grade-eligible only when corroborated). vlSDT uses a vote-escrow lock pattern (non-transferable; checkpointed balances per SDGP-66); flash-loan governance attack is structurally blocked — flash-loaned SDT cannot be converted to vlSDT voting power within a single transaction. Beanstalk-class instantaneous governance exploit is not replicable against Stake DAO's vlSDT system. No flash loan >$10M targeting SDT or sdToken contracts from Aave/Uniswap/Balancer flash loan providers detected touching Stake DAO oracle or governor in public data. Signal not firing today.
RD-F-101 green Large governance proposal queued T-09 v1 launch signal (tier-B, flagged-pattern fire). Most recent material proposals: SDGP-66 (vlSDT governance framework, structurally enhancing) and SDGP-67 (signer replacement, no threshold modification). Neither matches malicious-pattern calldata criteria (no admin role change, no delegatecall to non-allowlisted target, no flash-loanable voting weight triggering quorum manipulation). Aragon voting app (0x82e631fe) appears vestigial (last significant activity July 2024 per Etherscan; coverage_flags.aragon_governance = false). No flagged-pattern proposal in active queue detected. Signal not firing today.
RD-F-102 green Admin/upgrade transaction in mempool T-09 phase-2 signal (tier-B). PROXY_ADMIN (0xfE612c237A81527a86f2Cac1FD19939CF4F91B9B) and governance multisig execute upgrades through Timelock (0xD3cFc4E65a73BB6C482383EB38f5C3E1d1411616; delay disputed 8h vs 24h — governance-admin-analyst to resolve). Even at the shorter 8-hour figure, the timelock provides a meaningful detection window for mempool monitoring. No anomalous admin/upgrade tx detected in available data. Routine governance multisig operational txs (validator + keeper activity) not classified as anomalous. Production mempool listener not yet implemented.
RD-F-104 green Stablecoin depeg >2% on shared-LP venue T-09 v1 launch signal (tier-B). Applicable to Morpho lending vault modules (crvUSD, USDC, FRXUSD strategies). Core CRV locker/sdToken path has no direct stablecoin price dependency. No stablecoin depeg >2% on Chainlink or Curve venues detected as of 2026-05-16. USDC, USDT, DAI, crvUSD all within normal peg range. No stablecoin with shared LP exposure to Stake DAO strategies is currently depegged. Signal not firing today.
RD-F-105 green DNS/CDN/frontend hash drift T-09 phase-2 signal (tier-A on unscheduled drift). Applicable — stakedao.org served via Vercel nameservers (ns1.vercel-dns.com, ns2.vercel-dns.com); DNSSEC unsigned (Vercel limitation). No DNS change or frontend compromise incident detected for stakedao.org in 2024-2025 OSINT sweep. Domain registered NameCheap since 2019-11-25. No hash drift report found. DNSSEC unsigned is a hygiene gap but not a current fire. Production external monitoring stack not yet implemented. Signal not firing today.
RD-F-182 green Security-Council threshold reduction (RT) Batch-24 Cat 6B signal (T-09 v1.1 candidate). Not applicable by architecture — Stake DAO does not have a Security Council construct separate from the main governance multisig. The governance multisig (0xf930ebbd, 4-of-7 threshold) IS the admin authority, gated through the Timelock (reported delay 8h; the 8h vs 24h discrepancy is tracked under RD-F-102). No dedicated 'Security Council' with a distinct threshold exists that could be weakened in Drift-Protocol style (3/5 to 2/5 + timelock removal). SDGP-67 confirmed a signer replacement that explicitly does not modify the underlying multisig threshold. No threshold reduction event detected. Signal would not fire today because the triggering pattern (SC threshold reduction OR timelock removal by a separate SC) is architecturally absent.
Dev identity & insider risk Green 8 16 of 16
RD-F-117 yellow ENS/NameStone identity bound to deployer EVM-applicable factor (not N/A). Primary deployer 0xb36a0671: Etherscan profile tab shows no ENS name; only carries an Etherscan public name tag 'Stake DAO: Deployer' which is not an ENS/NameStone binding. Active deployer 0x000755Fb: no ENS name resolved per ENS app fetch attempt. Neither deployer address has a verifiable ENS or NameStone identity binding. Etherscan name tags provide some discoverability but are curator-applied labels, not cryptographically signed identity claims. Yellow for absence of ENS binding.
RD-F-121 yellow Contributor OSINT depth score OSINT depth by contributor: Julien Bouteloup 5/5 (LinkedIn, Twitter, GitHub, personal site, conference history, prior employer, degrees). imqdee 3/5 (GitHub bio with former employer Ledger, ETHGlobal achievement, email domain; no full name). warrenception 3/5 (GitHub, Twitter, personal site, MutativeLabs affiliation; no full name). PumpkingWok 3/5 (real name Andrea Zuccarini on GitHub, Italy, 67 repos; no LinkedIn). qqqqqd 1/5 (governance forum self-attestation only). Team average ~3/5. Yellow for mixed OSINT depth across the contributor set.
RD-F-123 yellow Sudden admin-rescue/ACL change without discussion SDGP-67 (signer replacement PumpkingWok to qqqqqd, posted 2026-05-05) is the primary ACL-change event in the 180-day window. It followed full governance process: 3-day feedback period, 7-day Snapshot vote, 15% quorum requirement, public forum discussion, applicant self-attestation. GitHub commit log (last 30 commits) shows no admin/ACL/owner changes without corresponding tickets. Governance multisig Etherscan shows operational exec-transaction pattern with no sudden undiscussed role-change events. Yellow for residual structural ambiguity: (1) Aragon App 0x82e631fe admin authority unresolved — if it has remaining on-chain admin power, changes there could bypass Snapshot+multisig without appearing in governance forum; (2) timelock delay discrepancy unresolved. Not red — no evidence of an actual undiscussed ACL change found.
RD-F-119 gray Commit timezone consistent with stated geography Cannot assess commit-hour timezone distribution without tooling to aggregate GitHub commit timestamps into an hourly histogram. warrenception states Paris (UTC+1/+2) location; imqdee references former Ledger employment (Paris-headquartered); no stated location for pierremarsotlyon1 or Lao0ni. Commit data shows recent commits at dates consistent with EU working hours but no automated timezone-anomaly check is available at OSINT tier.
RD-F-122 gray Contributor paid to DPRK-cluster wallet No on-chain payment streams to contributors are publicly traceable. Contributor wallets are not enumerated in the public address book. imqdee's email domain (push20labs.com) suggests an off-chain entity; payroll mechanism unknown. Cannot assess 3-hop proximity for contributor payment wallets without on-chain payment data. Per process-learnings: F122 cannot be meaningfully assessed at OSINT tier for protocols with off-chain payroll.
RD-F-184 gray Real-capital social-engineering persona No curator-flagged social-engineering persona identified. No evidence of any 'team contributor' or 'external integrator' persona making ≥$1M deposits to Stake DAO or peer protocols as a credibility-building prelude to social engineering. The Drift Protocol comparator (UNC4736's 6-month capital-deployment persona build-up before the $285M DPRK exploit) has no analogue found in Stake DAO's contributor history. Core contributors have long-tenure verifiable GitHub histories (warrenception 1,175 commits, imqdee 627 commits) inconsistent with a short-tenure implant-persona pattern. Gray — M-only factor per taxonomy definition; requires curator confidence beyond on-chain trail; absence of evidence is not confirmation of safety but no positive signal exists.
RD-F-111 green Team doxx status Founder Julien Bouteloup is fully doxxed with real name, verified LinkedIn (jbouteloup), Twitter (@bneiluj), GitHub (bneiluj), personal website (julienbouteloup.com), and conference speaker history. Core contributors warrenception and imqdee are pseudonymous-with-track-record (multi-year GitHub histories, prior employer disclosures). PumpkingWok (Andrea Zuccarini) is partially doxxed with real name visible on GitHub. qqqqqd is pseudonymous-no-track-record. Multi-tier team: founder at real-name level, core dev team at consistent-pseudonym-with-track-record level.
RD-F-112 green Team public accountability surface Julien Bouteloup has LinkedIn, Twitter, GitHub, personal site, conference talks (Proof of Talk, Blockchain Africa), and Epicenter podcast. imqdee has former Ledger Blockchain R&D employment, ETHGlobal NY 2023 winner, GitHub profile with email domain (push20labs.com). warrenception has GitHub, Twitter (@warrenception), personal site (warrenception.com), and MutativeLabs affiliation. PumpkingWok (Andrea Zuccarini) has GitHub with real name, location Italy, and BlackPool Finance affiliation. Accountability surface is multi-layer for 4 of 5 core contributors.
RD-F-113 green Team other-protocol involvement history Julien Bouteloup founded Stake DAO after 4 years as first core-team BD lead at Curve Finance; also founded Stake Capital Group, BlackPool Finance, and Rekt News — all legitimate operating entities. PumpkingWok affiliated with BlackPool Finance (Julien Bouteloup co-project) and Defiville — no rug history found. imqdee: former Ledger Blockchain R&D, ETHGlobal winner. Web search for 'Stake DAO rug exit scam fraud deployer' returns no results for Stake DAO. No team member found linked to prior rugged protocol.
RD-F-114 green Deployer address prior on-chain history Primary deployer 0xb36a0671: 2,665 transactions, entirely DeFi operational (Curve, Balancer, Frax governance). Labeled 'Stake DAO: Deployer' on Etherscan. Active deployer 0x000755Fb: 1,585 transactions including recent BoostMarketplace, RouterModuleVLSDT, VotingEscrow v2.0.0 deployments — consistent developer pattern. No link to prior rug-labeled protocol found in deployer history.
RD-F-115 green Prior rug/exit-scam affiliation Web search for 'Stake DAO rug exit scam fraud deployer 2021 2022 2023' returns no results linking Stake DAO to any rug or exit scam. All of Julien Bouteloup's prior projects (Curve Finance contribution, Stake Capital Group, BlackPool Finance, Rekt News) are legitimate operating entities with no rug history. Rekt News founding is a positive counter-indicator — the publication covers DeFi hacks and scams. No team member found with prior rug affiliation.
RD-F-116 green Contributor tenure at admin-permissioned PR The most recent functional commits (2026-05-13 chore/lending deploy by imqdee; 2026-05-12 address-book registration by warrenception) are from long-tenure contributors. warrenception has 1,175 commits (highest volume), imqdee has 627 commits — both multi-year track records. PumpkingWok (244 commits, departing signer) is the third highest. No new contributor with sub-30-day tenure has made admin-privileged code changes. SDGP-67 confirms the outgoing signer was a long-tenure contributor.
RD-F-118 green Handle reuse across failed/rugged projects No evidence of handle reuse across failed or rugged projects. Julien Bouteloup (@bneiluj) has a continuous Twitter and GitHub presence consistent with Stake DAO and Curve Finance activity. warrenception GitHub profile shows consistent DeFi development identity. imqdee profile shows consistent identity as a core maintainer. PumpkingWok shows consistent GitHub identity associated with legitimate projects. No handle-switch pattern detected across the known contributor set.
RD-F-120 green Video-off/voice-consistency flag Julien Bouteloup appeared as a named speaker at Proof of Talk Summit and Blockchain Africa Conference — documented video-on conference appearances. Epicenter podcast episode is documented. No video-off or voice-consistency concern flagged for the doxxed founder. Core contributors (warrenception, imqdee) have no documented public interview history but this is not adverse — absence of interview history is not a red signal for developers. No curator-recorded video-off or voice-inconsistency observation.
RD-F-124 green Deployer wallet mixer-funded within 30 days Primary deployer 0xb36a0671: Funded by Binance approximately July 2019, roughly 18 months before the first deploy on 2021-01-20 — decisively outside the 30-day window. No Tornado Cash or mixer interaction at this address. Active deployer 0x000755Fb: Funded 2023-05-23 by 0x0dE51997 (internal Stake DAO operational wallet, itself funded by the primary Binance-funded deployer). 1-hop trace is a clean internal chain. No mixer contact detected at either deployer or its 1-hop funder in the 30-day pre-deploy window.
RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus Deployer funding chain: Binance (global CEX) to primary deployer to internal relay to active deployer. No OFAC-sanctioned address in this chain. Web searches for 'Stake DAO DPRK Lazarus North Korea developer' and 'Julien Bouteloup DPRK Lazarus group' return zero results linking any Stake DAO team member to DPRK infrastructure. The $41M 'Stake rekt' DPRK event in the data cache refers to Stake.com (online casino), not Stake DAO — confirmed by FBI attribution statement and rekt.news article content identifying 'Stake, an on-chain casino platform backed by Drake'. No Lazarus cluster proximity detected at any hop of the deployer chain. No escalation required.
Fork / dependency lineage Green 0 10 of 10
RD-F-126 n/a Is-a-fork-of Stake DAO is an original protocol — not forked from any upstream codebase. Profile §5 explicitly states 'Not forked / original' with 2,190 commits of original development. Conceptually analogous to Convex Finance but the codebase is an independent Solidity implementation. All Cat 8 fork-lineage factors are not_applicable.
RD-F-127 n/a Upstream patch not merged No upstream — original protocol. Factor not applicable.
RD-F-128 n/a Upstream vulnerability disclosure (last 90d) No upstream — original protocol. Factor not applicable.
RD-F-129 n/a Code divergence from upstream (%) No upstream to diff against — original protocol. Factor not applicable.
RD-F-130 n/a Fork depth (generations from original audit) Original protocol — fork depth = 0 (not a fork at all). Factor not applicable.
RD-F-131 n/a Fork retains upstream audit coverage Not a fork — no upstream audit to retain. Stake DAO has its own 15-engagement independent audit portfolio. Factor not applicable.
RD-F-132 n/a Fork has different economic parameters than upstream Not a fork — no upstream reference parameters. Factor not applicable.
RD-F-133 green Dependency manifest uses unpinned versions vlSDT package.json specifies @openzeppelin/contracts: '5.2.0' — exact version pin (no ^ or ~ semver range). foundry-base-config.toml specifies solc = '0.8.28' exactly. Good dependency pinning discipline visible in the vlSDT package. Note: this factor applies to this original protocol's own dependencies, not to an upstream fork relationship.
RD-F-134 green Dependency had malicious-release incident (last 90d) No known malicious release incident in the last 90 days affecting OpenZeppelin 5.2.0 or any other Stake DAO dependency. OpenZeppelin contracts are well-maintained with regular security patch releases. No active GHSA advisory for OZ 5.2.0 found.
RD-F-135 green Shared-library version with known-vuln status OpenZeppelin 5.2.0 is current and not on any known CVE/advisory list. Solidity 0.8.28: the TransientStorageClearingHelperCollision bug only applies when viaIR=true AND transient storage is used; foundry-base-config.toml does not enable viaIR, so this bug is not triggered. Older contracts (Solidity 0.5.17, 0.8.7) have known limitations but no active critical CVEs specific to their usage patterns in this protocol.
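The dependency-pin check behind RD-F-133, with the solc pin that RD-F-135 relies on, as an added example that is not the rubric's tooling. It classifies npm specifiers into exact pins, semver ranges, floating tags, and git/URL references (a `#ref` is only as reproducible as the ref: a tag or commit hash, not a branch name), and reads the compiler pin out of a foundry.toml. The MANIFEST and the two foundry snippets are constructed to exercise each class; only the two values the page quotes (@openzeppelin/contracts 5.2.0 and solc 0.8.28) mirror the assessment.

```python
"""Dependency-pin audit behind RD-F-133 (unpinned versions) and the solc pin
noted under RD-F-135.

Added example, not the rubric's tooling. MANIFEST and the foundry.toml snippets
are constructed; only '@openzeppelin/contracts': '5.2.0' and solc 0.8.28 mirror
values the assessment actually reports.
"""
import json
import re

EXACT = re.compile(r"^=?\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")
RANGE_PREFIX = ("^", "~", ">", "<")
URL_PREFIX = ("git", "github:", "http", "file:", "link:")


def classify(spec: str) -> str:
    """npm/yarn specifier -> exact | floating | range | url-ref | url-floating | unknown."""
    spec = spec.strip()
    if EXACT.match(spec):
        return "exact"
    if spec in ("", "*", "latest") or spec.endswith((".x", ".*")):
        return "floating"
    if spec.startswith(RANGE_PREFIX) or " - " in spec or "||" in spec:
        return "range"
    if spec.startswith(URL_PREFIX) or "/" in spec:
        # '#ref' is reproducible only if the ref is a tag or commit, not a branch
        return "url-ref" if "#" in spec else "url-floating"
    return "unknown"


def unpinned(manifest_json: str) -> dict:
    """Every dependency in dependencies/devDependencies whose spec is neither an
    exact version nor a URL with an explicit ref. Returns name -> (spec, class)."""
    data = json.loads(manifest_json)
    out = {}
    for section in ("dependencies", "devDependencies"):
        for name, spec in data.get(section, {}).items():
            kind = classify(spec)
            if kind not in ("exact", "url-ref"):
                out[name] = (spec, kind)
    return out


SOLC_LINE = re.compile(r'^\s*solc(?:_version)?\s*=\s*["\']([^"\']+)["\']', re.M)
AUTODETECT = re.compile(r"^\s*auto_detect_solc\s*=\s*true", re.M)


def solc_pin(foundry_toml: str):
    """Exact solc version from a foundry.toml, or None when the compiler floats
    (no solc key, or auto_detect_solc = true with no explicit solc)."""
    m = SOLC_LINE.search(foundry_toml)
    if m and EXACT.match(m.group(1)):
        return m.group(1)          # an explicit solc pin wins over auto-detect
    return None if (AUTODETECT.search(foundry_toml) or not m) else None


MANIFEST = json.dumps({  # constructed; one entry per specifier class
    "dependencies": {
        "@openzeppelin/contracts": "5.2.0",
        "solady": "^0.1.0",
        "@chainlink/contracts": "~1.3.0",
        "ds-test": "*",
        "forge-std": "github:foundry-rs/forge-std#v1.9.6",
        "my-lib": "github:example/my-lib",
    },
    "devDependencies": {"prettier": ">=3.0.0 <4"},
})
FOUNDRY_PINNED = "solc = '0.8.28'\nfuzz_runs = 50\n"          # constructed
FOUNDRY_FLOATING = "auto_detect_solc = true\nfuzz_runs = 50\n"  # constructed

if __name__ == "__main__":
    for name, (spec, kind) in unpinned(MANIFEST).items():
        print(f"unpinned: {name} = {spec!r} ({kind})")
    print("solc pin:", solc_pin(FOUNDRY_PINNED), "| floating config:", solc_pin(FOUNDRY_FLOATING))
```

A lockfile (package-lock.json, yarn.lock) narrows a range to one resolved version at install time, so the manifest check above is the right signal only when the lockfile is committed and CI installs from it; for Foundry projects the equivalent evidence is that git submodules under lib/ are pinned to commit hashes rather than branch heads.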
Post-deploy hygiene & change mgmt Yellow 25 13 of 13
RD-F-137 yellow Upgrade frequency (per 90 days) veSDT proxy shows 'Latest 3 proxy upgrades' on Etherscan including one on 2026-04-27. Multiple new contract deploys (vlSDT, BoostMarketplace, Morpho vaults) in the last 90 days. Active protocol with elevated deployment frequency.
RD-F-138 yellow Hot-patch deploys without timelock (last 30 days) veSDT upgraded 2026-04-27 — whether this went through the 8h timelock is not confirmed. PROXY_ADMIN owner unconfirmed. If the upgrade was a direct call by the PROXY_ADMIN owner without a timelock queue/execute, it is a hot-patch bypassing the timelock. Cannot confirm all upgrades in the last 30 days are timelocked.
RD-F-139 yellow Post-audit code changes without re-audit vlSDT: Trust Security audit 2026-03-26; code freeze February 2026; deployment 2026-04-15 (~3 weeks after audit). Staking v2 had 4 sequential audits in 2025 (Trust Apr, Omniscia May, Pashov Aug, Omniscia Sep) reflecting iterative code changes with re-audit. No confirmed post-final-audit unreviewed change deployed. Yellow because the multi-iteration audit pattern implies code changed between audit rounds (expected) and the vlSDT window between freeze and audit completion is narrow.
RD-F-141 yellow Test-mode parameters in deploy vlSDT deployed with _owner = 0x000755Fbe4A24d7478bfcFC1E561AfCE82d1ff62 (the deployer EOA) per Etherscan constructor. If ownership was not subsequently transferred to the governance multisig, the deployer EOA retains vlSDT admin authority — a test-mode-equivalent posture for a newly deployed contract (curator follow-up: read the current owner of vlSDT on-chain and compare it with the governance multisig).
RD-F-146 yellow New contract deploys in last 30 days Multiple new deployments in the last 30 days: vlSDT (2026-04-15), BoostMarketplace (2026-05-13), vlBoost, frxUSD Morpho vault. High fresh attack surface for an active protocol in transition from veSDT to vlSDT governance.
RD-F-168 yellow Stale-approval exposure on deprecated router Aragon Voting App (0x82e631fe565E06ea51a00fAbcd79645272f654eB) deprecated (last tx Jul 2024). Users with active approvals to this or older veSDT contracts may have stale allowances. Not quantified. Low priority given no active exploit pattern, but a hygiene gap exists.
RD-F-136 gray Deployed bytecode matches signed release tag No confirmed signed release-tag practice for deployed bytecode. Foundry-based monorepo enables reproducibility in principle but no public signed-release artifact found.
RD-F-142 gray Storage-layout collision risk across upgrades veSDT upgraded 2026-04-27. Whether the OZ upgrades plugin or a storage-layout check was applied is not determinable from available data. No known collision incident reported.
RD-F-143 gray Reinitializable implementation (no _disableInitializers) vlSDT is non-proxy (verified non-proxy source) — RD-F-143 N/A for vlSDT. veSDT is a TransparentUpgradeableProxy; implementation is 0xe4c978731617096d04ea271a2499cf48b99cdc3e. Cannot confirm _disableInitializers() in the implementation constructor from the proxy contract page alone. Static analysis of the implementation source required. Gray pending code-security-analyst inspection.
RD-F-145 gray Deployed bytecode reproducibility No public build-reproduction documentation found. Foundry-based repo enables reproducibility in principle but no verified build artifact provided.
RD-F-185 n/a Bridge rate-limiter / chain-pause as positive mitigant has_bridge_surface=false. LaPoste (CCIP) is a Votemarket reward-distribution mechanism, not a user-facing bridge carrying TVL. No bridge rate-limiter or chain-pause mitigant applicable to Stake DAO's core protocol.
RD-F-140 green Fix-merged-but-not-deployed gap No known open vulnerability with a merged fix awaiting deployment. No post-mortem or disclosed gap identified for Stake DAO proper. No incidents on record requiring a fix-deploy gap analysis.
RD-F-144 green CREATE2 factory permits same-address redeploy No evidence of CREATE2 factory pattern in core contracts. Standard deployer EOA deploys contracts. No CREATE2 redeploy vector identified.
Cross-chain & bridge Gray 0 12 of 12
RD-F-147 n/a Protocol has bridge surface has_bridge_surface=false, is_a_bridge=false per profile §7. Per-chain strategy deployments are independent (Convex-class architecture). LaPoste carries Votemarket bounty-reward tokens only, not user liquidity. SDT CCIP transfers are token portability, not a user bridge. Cat 10 N/A.
RD-F-148 n/a Bridge validator count (M) Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-149 n/a Bridge validator threshold (k-of-M) Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-150 n/a Bridge validator co-hosting Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-151 n/a Bridge ecrecover checks result ≠ address(0) Cat 10 N/A — no bridge surface (see RD-F-147). RD-F-151 ★ does not apply.
RD-F-152 n/a Bridge binds message to srcChainId Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-153 n/a Bridge tracks nonce-consumed mapping Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-154 n/a Default bytes32(0) acceptable as valid root Cat 10 N/A — no bridge surface (see RD-F-147). RD-F-154 ★ does not apply.
RD-F-155 n/a Bridge validator-set rotation recency Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-156 n/a Bridge uses same key custody for >30% validators Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-157 n/a Bridge TVL per validator ratio Cat 10 N/A — no bridge surface (see RD-F-147).
RD-F-179 n/a LayerZero OFT DVN config (count, threshold, diversity) Cat 10 N/A — no bridge surface (see RD-F-147). Data cache layerzero_bridge=false, layerzero.present=false. LaPoste uses Chainlink CCIP, not LayerZero. No LayerZero OFT integration found.
Threat intelligence & recon Green 8 8 of 8
RD-F-158 yellow Known-threat-actor cluster has touched protocol T-09 phase-2 signal (tier-C, advisory only). Zunami Protocol exploit (Aug 13, 2023): the attacker EOA manipulated SDT pool slippage on Sushiswap to inflate the UZD balance, then laundered ~1183 ETH through Tornado Cash. Stake DAO's SDT pool was used as an attack venue (adversarial-venue-use / U4 passive-venue rule) — Stake DAO was NOT the victim protocol and its contracts were not exploited. Per U4 process learning, this is yellow (historical adversarial-venue-use documented in threat history), not red. No Lazarus Group, DPRK, or OFAC-listed wallet attributed to directly touching Stake DAO contracts in the 2024-2026 OSINT sweep. No active threat-actor wallet touching Stake DAO contracts in the last 30 days detected in public data.
RD-F-159 gray Attacker wallet pre-strike probe (low-gas failing txs) T-09 v2-deferred signal. No mempool probe pattern from labeled threat-actor clusters targeting Stake DAO contracts detected in public data. Requires a live mempool feed with cluster attribution — not implemented. Structurally gray for T-10 assessment.
RD-F-163 gray Avg attacker reconnaissance time for peer-class protocols Class-level statistic (methodology template §12 note: present as a contextual note, not a per-protocol flag). Curve/DeFi ecosystem vote-aggregator protocols: Zunami-class price manipulation attacks involved rapid same-session execution (not prolonged reconnaissance). The USPD 78-day reconnaissance pattern applies more to DPRK-class targeted attacks on bridge protocols. Stake DAO's current threat surface (vote aggregator, no large user-facing bridge) is less attractive for nation-state long-term reconnaissance than bridge or perpetuals protocols. Curator input required to translate the class-level statistic into a protocol-specific risk posture.
RD-F-164 gray Leaked credential on paste/sentry site No leaked credential for stakedao.org, docs.stakedao.org, votemarket.stakedao.org, or the Stake DAO GitHub detected in public paste/sentry searches as of 2026-05-16. Requires a specialized credential-monitoring feed (HaveIBeenPwned, Dehashed, Sentry.io abuse monitoring) — these are not publicly accessible without a licensed API. Structurally gray for T-10 assessment.
RD-F-165 gray Protocol social channel has scam-coordinator flag No Telegram or Discord scam-coordinator flag for Stake DAO channels found in public watchlists. No OSINT result surfacing scam-coordination activity specific to Stake DAO in 2024-2025. Curator-maintained scam-coordinator watchlist not available for this T-10 assessment. Structurally gray — requires a curator watchlist with documented update cadence.
RD-F-160 green GitHub malicious-dependency incident touching protocol deps No GHSA or npm security advisory for a malicious release in a dependency consumed by stake-dao/contracts-monorepo detected in public data as of 2026-05-16. Package.json is present (data cache: package_json_present = true). No GitHub security.md present (security_md_present = false) — a hygiene gap but not a Cat 11 fire condition. No active malicious-dependency incident surfaces in OSINT search for Stake DAO packages.
RD-F-161 green Protocol-impersonator domain registered (typosquat) No specific Stake DAO typosquat domain (e.g., stake-dao.org, stakedao.io, stakeadao.org, etc.) confirmed in public OSINT search as of 2026-05-16. CertiK Skynet does not flag active impersonator domains for Stake DAO. Targeted OSINT search for 'Stake DAO typosquat phishing domain 2025 2026' returned no protocol-specific results (returned only generic brand-protection articles). Stake DAO has lower public profile than Tier-1 protocols that commonly attract typosquat campaigns (Chainlink, Aave). DNSSEC unsigned on primary domain stakedao.org is a defense gap. Assessed as green pending active domain monitoring pipeline — absence of confirmed active typosquat noted [?].
RD-F-162 green Known-exploit-template selector deployed by any address No contract deployment matching a known-exploit-template selector pattern targeting Stake DAO's architecture detected in public data. The Zunami exploit used SDT pool slippage manipulation to attack Zunami's own totalHoldings() oracle — the exploit template targets Zunami's code path, not Stake DAO's locker contracts. Stake DAO's non-upgradeable locker contracts (CurveYCRVVoter 0x52f541764) are not exposed to the flash-loan reentrancy template class (e.g., Vyper 0.2.15-0.3.0 reentrancy) that affected Curve pools directly in July 2023. No new exploit-template deployments targeting Stake DAO's specific architecture detected.
Tooling / compiler / AI Green 17 5 of 5
RD-F-170 yellow Solc version used (known-bug versions flagged) Primary solc: 0.8.28 (foundry-base-config.toml, vlSDT Etherscan confirmed). Votemarket V1: 0.8.17. LaPoste: 0.8.19. sdCRV: 0.8.7. CurveYCRVVoter: 0.5.17 (EOL — Solidity 0.5.x is unsupported; this is the primary CRV locker holding the veCRV position). Known-bug assessment: the 0.8.28 TransientStorageClearingHelperCollision bug requires viaIR=true (not enabled per foundry-base-config.toml) — not triggered. 0.5.17 is EOL, but the contract is simple and non-upgradeable. Yellow for the presence of EOL Solidity 0.5.17 in a functionally important but architecturally simple contract.
RD-F-174 yellow Dependency tree uses EOL Solidity version Core contracts use supported versions: vlSDT 0.8.28 (current), Votemarket 0.8.17/0.8.19 (supported), sdCRV 0.8.7 (older, but not EOL in the same sense). CurveYCRVVoter uses Solidity 0.5.17 — this is EOL (Solidity 0.5.x is no longer supported). CurveYCRVVoter holds the primary CRV locker position for the protocol. Yellow: EOL version on a functionally important contract, though the contract is architecturally simple and non-upgradeable.
RD-F-171 n/a Bytecode similarity to audited upstream with behavior deviation Original protocol with no audited upstream to compare against. The bytecode-similarity/AI-copy-risk factor requires an upstream reference. Not applicable for an original codebase.
RD-F-172 green Repo shows AI-tool co-authorship in critical files Reviewed commit history for vlsdt package (May 2026 commits) — no AI-tool co-authorship markers (e.g., 'Co-authored-by: GitHub Copilot') found in commit messages. Monorepo has 2,190 commits with no evidence of AI co-authorship in security-critical files. No AI tool disclosure in commit trailers.
RD-F-173 green Team self-disclosure of AI-generated Solidity No public team disclosure of AI-generated Solidity in security-critical code found. Searched StakeDAO Medium blog, governance forum, and commit messages. No disclosure of AI code generation in production contracts identified.
Response & disclosure hygiene Red 50 4 of 4
RD-F-175 red Disclosure channel exists No public security disclosure channel found. The /bug-bounty URL (https://www.stakedao.org/bug-bounty) returns HTTP 404 as of 2026-05-16. No Immunefi program (data cache: platform=null, url=null; Immunefi URL returns 404). No SECURITY.md in contracts-monorepo (security_md_present=false per data cache). No security@ email in docs, GitHub, or public communications. No security contact page. Docs reference a bug-bounty link internally, but the destination does not exist. Discord and GitHub Issues are not formally configured as monitored disclosure channels. Red: no public disclosure channel for a $160M TVL live DeFi protocol with 64 months of operational history.
RD-F-176 red Disclosure SLA public No acknowledgment-time SLA published anywhere. The bug-bounty page (https://www.stakedao.org/bug-bounty) returns HTTP 404. No SLA language found in docs (docs.stakedao.org), governance forum, blog (stakedaohq.medium.com), or Terms & Conditions (https://www.stakedao.org/stake-dao-terms-and-conditions.pdf). No Immunefi program with a stated SLA. Red: no SLA published.
RD-F-177 green Prior known-ignored disclosure No Stake DAO-native exploits confirmed in any source. With 0 incidents, there is no post-mortem documenting a prior ignored disclosure, and no public researcher disclosure-then-exploit sequence has been identified for Stake DAO. Green: no evidence of ignored disclosure.
RD-F-178 green CVE/GHSA advisory issued against protocol No CVE or GHSA advisory found against stake-dao/contracts-monorepo or any related Stake DAO repository in the GitHub Security Advisories database or NVD CVE database. Data cache does not surface any advisory. Green: no advisory issued.
rubric_version v1.7.0 graded_at 2026-05-16 22:00:00 factors 184 protocol stake-dao