Formal verification coverage
Stake DAO's assessment for RD-F-009 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Zero formal verification coverage. Certora SecurityReports portfolio does not list Stake DAO. No Certora, Halmos, or Kani specifications found in the contracts-monorepo. The foundry-base-config.toml shows only fuzz_runs=50 (basic fuzzing). Documentation lists 5 audit firms — none are formal verification providers. At $160M TVL with 15 audit engagements, zero FV coverage is a notable gap per methodology (red = 0% FV).
Sources #
- GitHubCertora Security Reports PortfolioCertora SecurityReports — Stake DAO absent from portfolioretrieved 2026-05-16
- Stake DAO Foundry Base Configfoundry-base-config.toml — fuzz_runs=50, no FV configurationretrieved 2026-05-16
Methodology #
Determine the percentage of protocol-declared critical invariants covered by a formal verification proof (Certora Prover, Kani, Halmos, or equivalent).
See the full factor methodology and distribution across all protocols →