★ Post-audit code changes without re-audit

Usual (USD0 / bUSD0 / USUAL)'s assessment for RD-F-139 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

All identified upgrades have corresponding audit engagements. bUSD0 upgrades (Mar/Jul/Nov 2025) covered by Sherlock + Spearbit + Halborn. DaoCollateral Dec 2024 pre-covered by Cantina Oct + Halborn Nov 2024. Revenue Switch (Jan 2025) covered by Spearbit Jan 2025. ETH0 (May 2025) by Hexens/Halborn/Sherlock. No unaudited upgrade gaps identified. Private repo = SHA verification gap; confidence medium.

Sources #

URL
Sherlock contest #832 — bUSD0 post-upgrade auditSherlock contest #832 (March 2025): bUSD0 investment vault and protocol-wide — confirms post-upgrade auditretrieved 2026-05-17
Docs
Usual tech docs — audits page (comprehensive re-audit evidence)tech.usual.money/security-and-audits/audits: 20+ engagements 2024-05 through 2025-11 covering bUSD0 upgrades, DaoCollateral, ETH0, sUSD0retrieved 2026-05-17

Methodology #

Count deployed changes to audited bytecode where no subsequent audit or spot-review covers the changed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol usual factor RD-F-139 score green collected_at 2026-05-16 20:39:44