defirisk.co
rubric v1.7.0

Deployed bytecode matches signed release tag

Usual (USD0 / bUSD0 / USUAL)'s assessment for RD-F-136 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cannot verify: GitHub main repo (usual-dao/pegasus) is PRIVATE. No signed release tags available publicly. Bytecode on-chain and Etherscan-verified, but commit-to-bytecode correspondence cannot be independently confirmed.

Sources #

  • Internal
    Usual data cache and profile — private GitHub repo00-data-cache.json: github.repo_url = null, foundry_toml_present = false; 00-profile.md §3: 'Main smart contract repo is PRIVATE'retrieved 2026-05-17

Methodology #

Determine whether the deployed runtime bytecode corresponds to a signed git tag in the protocol's repository.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol usual factor RD-F-136 score gray collected_at 2026-05-16 20:39:44