★ Audit scope mismatch

Axelar Network's assessment for RD-F-001 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Axelar has 60+ audit reports from 13+ firms covering EVM gateway and Cosmos core (2021-2025). Most recent ITS audits within 365 days (Ackee 2025-01, NCC 2024-11). However, bytecode-to-commit-SHA match for the deployed Ethereum AxelarGateway impl (0x99B5FA03, compiled 0.8.9, deployed ~2022) was not independently confirmed in this session. Scope mismatch cannot be ruled out with certainty for the legacy gateway implementation; newer ITS and AmplifierGateway contracts have recent audits covering deployed versions.

Sources #

Etherscan
AxelarGateway Implementation EtherscanAxelarGateway implementation contract 0x99B5FA03 verified source, Solidity 0.8.9retrieved 2026-05-17
URL
Axelar CGP Audit Summary - Ackee BlockchainAckee Blockchain 2022 CGP audit summary with commits c6f8c7c, 838de95e41, 1cd26b3retrieved 2026-05-17
GitHub
Axelar Network Audits Repository READMEAxelar audits repository README listing all 60+ engagementsretrieved 2026-05-17

Methodology #

Check whether the commit SHA cited in the audit report matches the bytecode deployed at the production proxy/implementation address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol axelar factor RD-F-001 score yellow collected_at 2026-05-16 21:57:49