★ Post-audit code changes without re-audit
stHYPE (Valantis Labs)'s assessment for RD-F-139 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
April 2026 upgrade covered by Obsidian April 2026 audit — best alignment. July 2025 and OverseerV1 upgrades have proximate but not commit-level-confirmed audits. 6 audits in 15 months represents high audit frequency. No-timelock posture means code can be deployed without delay post-audit, but no evidence of unaudited changes found. Yellow due to unverifiable commit-level alignment.
Sources #
- URLHyperEVMScan — stHYPE proxy historyhyperevmscan.io stHYPE upgrade history — July 2025 upgrade (impl 0xA2Fdc8ec) nearest audit: Three Sigma Feb 2025 (4 months prior) or Pashov Oct 2025 (3 months after)retrieved 2026-05-17
- Guardian Audits — stHYPE January 2026github.com/ValantisLabs/audits/blob/main/guardian_jan_2026.pdf — Guardian January 2026; proximate to Feb 2026 OverseerV1 upgraderetrieved 2026-05-17
- Obsidian Security — stHYPE April 2026 auditgithub.com/ValantisLabs/audits/blob/main/obsidian_april_2026.pdf — Obsidian Security April 2026; covers April upgraderetrieved 2026-05-17
Methodology #
Count deployed changes to audited bytecode where no subsequent audit or spot-review covers the changed code.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol staked-hype factor RD-F-139 score yellow collected_at 2026-05-17 13:02:38