defirisk.co
rubric v1.7.0

Permissionless-pool lending oracle

Beefy Finance's assessment for RD-F-181 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Beefy Finance is a yield optimizer/autocompounder — not a lending protocol. Factor RD-F-181 defines 'lending protocol accepts spot prices from a DEX where any user can permissionlessly create new pools.' No borrow/lend functionality in Beefy. The Rhea Finance class attack (fake pool oracle for lending) has no equivalent attack surface in Beefy's architecture.

Sources #

  • Internal
    Beefy protocol profile — not a lending protocol00-profile.md §1 — Category: YIELD — Multichain yield-optimizer / autocompounder; §7 — no lending surface; 00-data-cache.json coverage_flags.lending_protocol = falseretrieved 2026-05-16

Methodology #

Determine whether the lending protocol accepts spot prices from a DEX where any user can permissionlessly create new pools, without requiring a TWAP window, liquidity floor, or token-age minimum on the venue side.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol beefy factor RD-F-181 score not_applicable collected_at 2026-05-16 13:10:30