Shared-library version with known-vuln status

Superstate's assessment for RD-F-135 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Factor assesses fork-inherited shared library vulnerability status. Not applicable for original-design protocols. For reference: OZ v4.9.3 GHSA-g4vp-m682-qqmp (ERC2771Context) is not applicable to SuperstateToken which does not use ERC-2771.

Sources #

GitHub
OZ upgradeable v4.9.3 security advisory (non-applicable to SuperstateToken)OZ v4.9.3 GHSA-g4vp-m682-qqmp: ERC2771Context edge case. SuperstateToken does not use ERC-2771 meta-transactions.retrieved 2026-05-16

Methodology #

Identify the version of key shared libraries (OZ, Solady, Solmate) used and check against CVE/GHSA databases for any active advisory.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol superstate factor RD-F-135 score not_applicable collected_at 2026-05-16 00:06:37