★ Audit scope mismatch

USDD (Decentralized USD)'s assessment for RD-F-001 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

ChainSecurity completed ≥5 USDD audits (latest Oct 2025, 5th engagement, covering Ethereum/BSC). Canonical Ethereum ERC-20 (0x4f8e5de400de08b164e7421b3ee387f461becd1a) is source-verified on Etherscan (Solidity 0.6.12, Exact Match). Audit PDF is binary (not parseable for commit SHA). TRON primary (TPYmHEhy5n8TCEfYGqW2rPxsghSfzghPDn) Tronscan-blocked, source unverifiable. Cannot confirm bytecode-to-commit-SHA match at the primary audit source level. Yellow: audit coverage real and multi-round but commit-level verification structurally inaccessible.

Sources #

Etherscan
Usdd Stablecoin (USDD) verified source - EtherscanUSDD canonical Ethereum ERC-20 source verification - Solidity 0.6.12 Exact Matchretrieved 2026-05-17
Audit
ChainSecurity Completes Fifth USDD Audit Report, Affirming High Safety StandardsChainSecurity 5th USDD audit announcement (October 2025)retrieved 2026-05-17
Audit
Smart Contract Audit - USDD on Ethereum and BSC - ChainSecurityChainSecurity USDD on Ethereum and BSC audit report pageretrieved 2026-05-17

Methodology #

Check whether the commit SHA cited in the audit report matches the bytecode deployed at the production proxy/implementation address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol usdd factor RD-F-001 score yellow collected_at 2026-05-17 11:34:18