Ignored bounty disclosure

Across Protocol's assessment for RD-F-008 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No confirmed pre-exploit ignored disclosures identified. The protocol has zero smart-contract exploits to date. The unresolved OFT OFT high (H-01, "Failed Messenger Can Render the Canonical Methods Useless") was a design acceptance documented in the audit, not an ignored disclosure. The Feb 2026 EIP-712 medium was similarly acknowledged and accepted. Neither constitutes an "ignored disclosure before exploit."

Sources #

URL
OpenZeppelin OFT Integration audit (Jul 2025) — last confirmed audithttps://www.openzeppelin.com/news/across-protocol-oft-integration-differential-auditretrieved 2026-04-26
URL
https://www.openzeppelin.com/customer-stories/acrossretrieved 2026-04-28

Methodology #

Determine whether any prior post-mortem documents a disclosed vulnerability that was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol across-protocol factor RD-F-008 score green collected_at 2026-04-30 21:19:18