defirisk.co
rubric v1.7.0

Re-deployed to new addresses in last year

A operational history factor in the v1.7.0 rubric. Measured per protocol on a e cadence.

Methodology how we score #

**What this measures** This factor records whether the protocol redeployed to a new set of contract addresses in the trailing twelve months, retiring at least one previously-live contract that held user funds. Redeployments are detected via on-chain history and protocol announcements. This does not include proxy upgrades (which preserve the address), only full address migrations. It flags the risk that a migration introduced new, unaudited code or created a window during which user funds were briefly in a less-secure state.

**Why it matters** Full redeployments are high-risk events for two related reasons. First, the new contracts are effectively new code that begins life with no battle-testing clock, resetting the age signal (RD-F-076). Second, redeployments often occur under operational pressure (post-exploit remediation, V2 launches) when the team's attention is divided and the temptation to skip re-audit is strongest. GMX V1 ($42M recovered, 2025) was exploited via a security patch added three years after the last audit -- a redeployment-style risk even without a full address migration. Several protocols in the dataset also exploited migration windows to front-run users moving funds to the new version.

**Green / Yellow / Red** Green: no redeployment to new addresses in the trailing twelve months. Yellow: one redeployment with a full audit of the new contracts and public migration announcement with adequate lead time. Red: redeployment without a new audit of the migrated code, or redeployment with fewer than seventy-two hours of public notice to allow users to exit.

**Common gray cases** Protocols that operate a perpetual multi-version architecture (V1 and V2 simultaneously live) are distinguished from full migrations; the score applies only to deployments intended to replace prior versions that held user funds.

**Notable historical examples** No cross-hacked incidents currently linked in database for this factor.

Measurement what to look for #

Determine whether the protocol retired prior deployed contracts and redeployed to a new address set in the last 12 months.

Data & output #

Data source
Protocol docs migration announcements + on-chain self-destruct or migration-migration events + Etherscan contract creation dates
Output format
Green / Yellow / Red
Evidence artifact
New deploy tx hashes + prior contract addresses (deprecated) + announcement URL
Confidence signal
green = no full redeployment in last 12 months; yellow = redeployment with documented migration path and user communication; red = redeployment with incomplete migration or unexplained; gray = no prior contracts to compare

Scored protocols 80 carry this factor #

Protocol RD-F-088
Aave v3 ethereum green Across Protocol ethereum gray Aerodrome Finance base green Axelar Network ethereum green Babylon Protocol bitcoin green Balancer (v2 + v3) ethereum yellow Beefy Finance ethereum green BENQI avalanche green BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum green Cap (cUSD / stcUSD) ethereum green Centrifuge ethereum yellow Chainlink CCIP ethereum yellow Circle USYC binance green Compound V3 (Comet) ethereum green Concrete ethereum green Convex Finance ethereum green crvUSD (Curve Stablecoin) ethereum green Curve Finance ethereum green deBridge ethereum green Dolomite ethereum yellow dYdX v4 (dYdX Chain) dydx green EigenLayer ethereum green Ethena ethereum green ether.fi ethereum green Euler V2 ethereum not_assessed Falcon Finance ethereum green Fluid ethereum green Frax Finance ethereum yellow GMX v2 (GMX Synthetics) arbitrum yellow Hyperlane ethereum yellow Hyperliquid arbitrum green Jito solana green Jupiter solana green Jupiter Perpetual Exchange solana green JustLend DAO tron gray Kamino Lend solana green Kinetiq hyperliquid green Lido ethereum green Liquid Collective (LsETH) ethereum green Liquity V1 + V2 (LUSD / BOLD) ethereum yellow Lista DAO bsc yellow Lombard Finance ethereum green M^0 ethereum green Maple Finance ethereum yellow Marinade Finance solana green Meteora solana green mETH Protocol ethereum green Midas ethereum green Morpho V1 (Morpho Blue + MetaMorpho) ethereum green Multipli ethereum yellow Ondo Finance ethereum gray OpenEden ethereum green Orca solana green PancakeSwap bsc green Pendle Finance ethereum green Polymarket polygon yellow QuickSwap polygon green Raydium solana green Rocket Pool ethereum yellow Sanctum solana green Save (formerly Solend) solana green Sky Lending (formerly MakerDAO) ethereum yellow Spark Protocol ethereum green Spiko stellar green Stake DAO ethereum yellow StakeWise v3 ethereum green Stargate Finance ethereum gray stHYPE (Valantis Labs) hyperliquid green SUNSwap (sun.io) tron yellow Superstate ethereum green Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum green Symbiotic ethereum green Synapse Protocol ethereum not_assessed Uniswap (v2 + v3) ethereum green USDD (Decentralized USD) tron yellow Usual (USD0 / bUSD0 / USUAL) ethereum yellow Veda (BoringVault) ethereum green Venus Protocol bsc green Wormhole ethereum gray Yearn Finance ethereum green
0 red · 18 yellow · 55 green

Linked hacks no historical incidents linked #

No historical incidents are linked to this factor.
rubric_version v1.7.0 factor RD-F-088 category 5 carried 80 critical no