Code complexity vs audit coverage

Stake DAO's assessment for RD-F-024 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Monorepo has 2,190 commits; Solidity 97.1%. 15 audit engagements across 5 firms covering major product surfaces (liquid lockers, Votemarket V1/V2, OnlyBoost v1/v2, Staking v2, LaPoste, ZeroLend locker, Curve oracles, vlSDT). Strategy contracts (20+ yield strategies across 10 chains) are covered as a framework rather than individually. Audit breadth is strong; borderline on LOC-per-audit-day for the full strategy layer. Yellow reflecting adequate but not comprehensive coverage.

Sources #

GitHub
Stake DAO Contracts Monorepocontracts-monorepo — 2,190 commits, Solidity 97.1%retrieved 2026-05-16
GitHub
Stake DAO Audits Repositorystake-dao/audits — 15 engagements across major modulesretrieved 2026-05-16

Methodology #

Determine whether the cyclomatic complexity or LOC-per-audit-day ratio exceeds the curator-declared credibility threshold for the audit to be meaningful.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol stake-dao factor RD-F-024 score yellow collected_at 2026-05-16 12:29:20