★ Audit scope mismatch

stHYPE (Valantis Labs)'s assessment for RD-F-001 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Six audit engagements span Feb 2025–Apr 2026; most recent (Obsidian Apr 2026) covers the April 10 2026 upgrade per changelog. All three core contracts verified on hyperevmscan.io with 'Exact Match' status. Audit PDFs are GitHub-hosted binaries — commit SHAs inside PDFs are not parseable via WebFetch, so bytecode-to-report-commit cross-check cannot be independently confirmed. No evidence of deployed bytecode post-dating the most recent audit.

Sources #

URL
stHYPE token proxy — Exact Match verification statushyperevmscan.io/address/0xfFaa4a3D97fE9107Cef8a3F48c069F577Ff76cC1#coderetrieved 2026-05-17
GitHub
ValantisLabs audits repository — listing of 6 stHYPE PDFsgithub.com/ValantisLabs/audits — 6 stHYPE audit PDFsretrieved 2026-05-17
Docs
Valantis Roles and Controls Registry — upgrade changelogdocs.valantis.xyz/stakedhype/roles-and-controls-registry — Apr 10 2026 changelog entryretrieved 2026-05-17
GitHub
Obsidian Security stHYPE audit April 2026github.com/ValantisLabs/audits/blob/main/obsidian_april_2026.pdfretrieved 2026-05-17

Methodology #

Check whether the commit SHA cited in the audit report matches the bytecode deployed at the production proxy/implementation address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol staked-hype factor RD-F-001 score yellow collected_at 2026-05-17 13:02:38