defirisk.co
rubric v1.7.0

Code complexity vs audit coverage

SUNSwap (sun.io)'s assessment for RD-F-024 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

V3 (concentrated liquidity tick math, position management, multiple fee tiers) and V4 (singleton + hooks + flash accounting + 6 TRON-specific additions) are highly complex. Neither has any confirmed public audit. Code complexity is high; audit coverage is zero for operative surfaces.

Sources #

  • Internal
    SUNSwap protocol profile section 800-profile.md §8 — no V2/V3/V4 audit confirmedretrieved 2026-05-17
  • GitHub
    SUNSwap V3 contractssunswap-v3-contracts — 97.7% Solidity, high complexity matching Uniswap V3retrieved 2026-05-17
  • GitHub
    SUNSwap V4 coresunswap-v4-core — singleton + hooks + 6 TRON innovationsretrieved 2026-05-17

Methodology #

Determine whether the cyclomatic complexity or LOC-per-audit-day ratio exceeds the curator-declared credibility threshold for the audit to be meaningful.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sunswap factor RD-F-024 score red collected_at 2026-05-17 14:37:31