ecrecover zero-address return unchecked

Superstate's assessment for RD-F-019 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Audit-2 M-1 flagged permit() EIP-2612 compliance issue (addressed in final commit). No ecrecover zero-address check finding identified. Slither ecrecover-malleable detector needed for definitive confirmation.

Sources #

Audit
0xMacro Superstate Audit 2 (permit M-1)0xMacro superstate-2 M-1: permit() EIP-2612 compliance, addressed. No ecrecover zero-address finding.retrieved 2026-05-16

Methodology #

Determine whether any `ecrecover` call result is used without a `!= address(0)` guard.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol superstate factor RD-F-019 score gray collected_at 2026-05-16 00:06:37