Known-exploit-template selector deployed by any address

Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap's assessment for RD-F-162 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No contract deployed containing a function-selector pattern matching the RouteProcessor2 exploit template (arbitrary processRoute callback + uniswapV3SwapCallback manipulation) targeting current Sushi production contracts as of 2026-05-17. Current production router (RouteProcessor3/v3-generation) has the vulnerability patched. Deprecated RouteProcessor2 (0x044b75f554b886A065b9567891e45c79542d7357) still exists on-chain but is no longer the production routing target. No redeployment of exploit-template bytecode detected.

Sources #

Etherscan
RouteProcessor2 (exploited, deprecated) — EtherscanRouteProcessor2 deprecated — 0x044b75f554b886A065b9567891e45c79542d7357; no new exploit-template deployments targeting current production contractsretrieved 2026-05-17

Methodology #

Determine whether any contract has been deployed containing a function-selector pattern matching a known exploit template targeting protocols of this class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sushi factor RD-F-162 score green collected_at 2026-05-16 19:50:37