ERC-4626 virtual-share offset (OZ ≥4.9)

Venus Protocol's assessment for RD-F-074 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Venus uses OpenZeppelin contracts version 4.9.3 (confirmed in data cache: oz_contracts_version: 4.9.3). OZ 4.9.x introduced the virtual-share offset (decimal offset) in ERC4626 as the canonical first-depositor inflation mitigation. If VenusERC4626 inherits from OZ 4.9.3 ERC4626Upgradeable, the virtual-share offset should be present by default. However, the Venus ERC-4626 vault documentation does not explicitly confirm the virtual-share offset is active — it references ERC4626Upgradeable without naming the offset mechanism. Without source code inspection confirming the offset pattern, confidence is medium-low. Score: yellow (likely protected via OZ 4.9.3 but not confirmed from documentation alone). Curator should verify via source read of VenusERC4626.sol.

Sources #

Docs
VenusERC4626 Vaults — Venus Protocol DocsVenus docs — VenusERC4626 vault technical reference (references ERC4626Upgradeable, does not name offset)retrieved 2026-04-28
URL
Venus Data Cache — oz_contracts_version fieldData cache: oz_contracts_version: 4.9.3 — OZ 4.9.x includes ERC4626 virtual-share offset by defaultretrieved 2026-04-28

Methodology #

Determine whether ERC-4626 vaults use OpenZeppelin ≥4.9 virtual-share offset pattern to prevent first-depositor share-inflation.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol venus factor RD-F-074 score yellow collected_at 2026-04-28 18:30:49