Code complexity vs audit coverage

Axelar Network's assessment for RD-F-024 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Code4rena 2024-08 covered 4,000 SLOC across 18 days (Amplifier + CosmWasm ITS Hub + ITS Solidity). The total Axelar EVM codebase is larger when including the legacy gateway, GMP SDK, and ITS. Multiple firms have reviewed the full codebase across 3+ years and 60+ engagements. Complexity is high given multi-chain architecture but audit coverage is extensive. Yellow: adequate coverage overall but high system complexity and multi-chain surface prevents a definitive green.

Sources #

GitHub
Code4rena 2024-08 Axelar ScopeCode4rena 2024-08 scope: 4000 SLOC across 18-day contestretrieved 2026-05-17
GitHub
Axelar Audits - Comprehensive Coverage ContextAxelar audits README - 60+ engagements across all codebase componentsretrieved 2026-05-17

Methodology #

Determine whether the cyclomatic complexity or LOC-per-audit-day ratio exceeds the curator-declared credibility threshold for the audit to be meaningful.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol axelar factor RD-F-024 score yellow collected_at 2026-05-16 21:57:49