Permissionless-pool lending oracle
Assessment of Sushi (SushiSwap) (v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap) for factor RD-F-181: scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Kashi does support permissionless pair creation: any user can deploy a new Kashi pair with any collateral, asset, and oracle of their choosing, as long as the oracle conforms to the IOracle interface. A malicious actor can therefore create a Kashi pair whose oracle reads a manipulable price source, such as the spot price of a DEX pool the attacker seeded. The 2022 Kashi exploit affected official pairs with Chainlink oracles (a logic bug, not permissionless-oracle manipulation), so F181's Rhea Finance pattern ($18.4M fake-pool seeding) does not match exactly. The permissionless pair-creation surface nevertheless exists, and any token/oracle combination is deployable in principle. Because Kashi pairs are isolated, a manipulable oracle endangers only the lenders who deposit into that specific pair rather than the protocol as a whole, so a lender needs to check which oracle a pair uses before supplying assets. Scored yellow: no incident of this exact attack vector on Kashi is documented, and Kashi is near-deprecated, so the risk is theoretical at current TVL, but the structural permissionlessness is real.
Sources
- Sushi Blog: Introducing Kashi Lending & Margin Trading (Sushi Introducing Kashi): explains the permissionless pair deployment model. Retrieved 2026-05-17.
- Sushi forum: Kashi — Add permissionless oracles (Sushi forum): permissionless oracle framework; any conforming IOracle can be used in a Kashi pair. Retrieved 2026-05-17.
Methodology
Determine whether the lending protocol accepts spot prices from a DEX where any user can permissionlessly create new pools, without requiring a TWAP window, liquidity floor, or token-age minimum on the venue side.
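The following is an added example, not Sushi or Kashi code, illustrating both the attack surface described in the evidence summary and the venue-side screen described in the methodology. It models a toy fee-free constant-product pool seeded by an attacker with a hypothetical "FAKE" token, a lending pair whose oracle naively reads that pool's spot price, and a screen that applies the three venue-side checks named above (TWAP window, liquidity floor, token-age minimum). All reserve sizes, block numbers, LTV and thresholds are constructed for illustration and are not Kashi parameters.

```python
"""Fake-pool seeding against a spot-price lending oracle, and the venue-side
screen from the F181 methodology. Added example; not Sushi/Kashi code.
All figures are constructed for illustration."""
from dataclasses import dataclass, field


@dataclass
class ConstantProductPool:
    """Toy x*y=k pool, no swap fee. reserve_coll is the (hypothetical) FAKE
    collateral token, reserve_asset is the borrowable asset (a stablecoin)."""
    reserve_coll: float
    reserve_asset: float
    created_at: int                       # block at which the pool was created
    samples: list = field(default_factory=list)  # (block, spot) observations

    def spot(self) -> float:
        """Spot price of one FAKE in asset units, as a naive oracle would read it."""
        return self.reserve_asset / self.reserve_coll

    def swap_asset_for_coll(self, amount_asset: float) -> float:
        """Buy FAKE with asset; pushes the spot price up. Returns FAKE received."""
        k = self.reserve_coll * self.reserve_asset
        self.reserve_asset += amount_asset
        new_coll = k / self.reserve_asset
        out = self.reserve_coll - new_coll
        self.reserve_coll = new_coll
        return out

    def swap_coll_for_asset(self, amount_coll: float) -> float:
        """Sell FAKE for asset; unwinds the pump. Returns asset received."""
        k = self.reserve_coll * self.reserve_asset
        self.reserve_coll += amount_coll
        new_asset = k / self.reserve_coll
        out = self.reserve_asset - new_asset
        self.reserve_asset = new_asset
        return out

    def observe(self, block: int) -> None:
        """Record a spot sample, as a TWAP oracle would once per block."""
        self.samples.append((block, self.spot()))

    def twap(self, now: int, window: int) -> float:
        """Arithmetic mean of spot samples taken in the last `window` blocks."""
        prices = [p for b, p in self.samples if now - window <= b <= now]
        return sum(prices) / len(prices)


def max_borrow(pool: ConstantProductPool, collateral_units: float,
               ltv: float, pair_liquidity: float) -> float:
    """Credit a spot-oracle pair extends: collateral * spot * LTV, capped by
    what lenders have actually deposited into the (isolated) pair."""
    return min(collateral_units * pool.spot() * ltv, pair_liquidity)


def seed_and_pump(ltv: float = 0.75, pair_liquidity: float = 20_000.0):
    """Attacker creates a 1000 FAKE / 1000 asset pool at block 100, lets it
    sit for ten blocks, then pumps spot from 1.0 to 100.0 with 9000 asset.
    Returns (pool after pump, FAKE bought, credit before the pump)."""
    pool = ConstantProductPool(1000.0, 1000.0, created_at=100)
    for block in range(100, 111):
        pool.observe(block)
    credit_before = max_borrow(pool, 1000.0, ltv, pair_liquidity)   # 750.0
    bought = pool.swap_asset_for_coll(9000.0)                        # 900 FAKE
    pool.observe(111)
    return pool, bought, credit_before


def attack_profit(ltv: float = 0.75, pair_liquidity: float = 20_000.0) -> dict:
    """Borrow against 1000 FAKE at the pumped price, then unwind the swap.
    The pair's lenders are drained up to pair_liquidity while the attacker
    recovers the asset used for the pump (fee-free toy, so recovery is exact)."""
    pool, bought, credit_before = seed_and_pump(ltv, pair_liquidity)
    borrowed = max_borrow(pool, 1000.0, ltv, pair_liquidity)  # min(75000, 20000)
    recovered = pool.swap_coll_for_asset(bought)              # 9000 back
    return {"credit_before": credit_before, "borrowed": borrowed,
            "recovered": recovered}


def screen_venue(pool: ConstantProductPool, now: int, twap_window: int = 10,
                 min_liquidity: float = 100_000.0, min_age_blocks: int = 1000,
                 max_deviation: float = 0.05) -> list:
    """Venue-side checks from the methodology. Returns the names of the checks
    the pool fails; an empty list means the venue passes this screen."""
    failed = []
    if pool.reserve_asset < min_liquidity:          # liquidity floor
        failed.append("liquidity_floor")
    if now - pool.created_at < min_age_blocks:      # token-/pool-age minimum
        failed.append("token_age")
    twap = pool.twap(now, twap_window)              # TWAP window vs spot
    if abs(pool.spot() - twap) / twap > max_deviation:
        failed.append("twap_deviation")
    return failed


def deep_pool() -> ConstantProductPool:
    """A long-lived, deep, price-stable pool (constructed) that passes the screen."""
    pool = ConstantProductPool(1_000_000.0, 1_000_000.0, created_at=0)
    for block in range(5000, 5011):
        pool.observe(block)
    return pool


if __name__ == "__main__":
    pool, _, _ = seed_and_pump()
    print("attack:", attack_profit())
    print("pumped pool fails:", screen_venue(pool, now=111))
    print("deep pool fails:", screen_venue(deep_pool(), now=5010))
```

The attacker's only real outlay is the asset temporarily parked in the pump swap, which the unwind returns; everything borrowed against the worthless collateral is profit, capped by the deposits in that one isolated pair. The screen catches this pool on all three counts, which is the behaviour the methodology asks a venue (or a pair's oracle) to enforce; a pair whose oracle reads raw spot from a pool the borrower can create is exactly the configuration the factor flags.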
See the full factor methodology and distribution across all protocols →