defirisk.co
rubric v1.7.0

Static-analyzer high-severity count

Balancer (v2 + v3)'s assessment for RD-F-010 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No published Slither, Mythril, or Semgrep static analysis output for Balancer v2 or v3 deployed bytecode found in public sources. The v2 repo uses foundry with fuzz_runs:9999 (Echidna-equivalent fuzzing confirmed per data cache). Trail of Bits 2021 audits used Echidna finding TOB-BALANCER-004. No systematic CI-integrated static analyzer output publicly released. Requires tool run on deployed bytecode to score this factor.

Sources #

  • Curator note
    Data cache: foundry present, fuzz runs 9999 (v2 repo)data-cache github.foundry_toml_present=true fuzz_runs=9999retrieved 2026-05-05

Methodology #

Count the number of unique high-severity detector findings from Slither + Mythril + Semgrep run against the deployed verified source (after deduplication across tools).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol balancer factor RD-F-010 score gray collected_at 2026-05-05 12:41:36