Resolved-without-proof findings

BENQI's assessment for RD-F-003 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Dedaub Ignite audit: H1 (missing data structure update in _deleteRegistration) and M1 (oracle staleness checks absent) both marked 'resolved' but the Ignite contracts are in a private repository — no public commit SHA diff confirming on-chain fix is accessible. Cyfrin 2025 Ignite findings (oracle validation edge cases, precision loss in QI fee calculations) stated 'remediated pre-launch' without verifiable public commit SHA. Halborn 2021 lending audit resolution evidence not independently verifiable from the frozen public repo. No high/critical finding marked resolved without traceable on-chain proof can be confirmed as unverifiable from public sources alone — 1–2 medium resolutions are in this state. Scoring yellow (1–2 medium unverified resolutions).

Sources #

URL
BENQI Security Audits — Dev.to articleCyfrin findings remediated pre-launch per public coverage; no public commit SHA diffretrieved 2026-05-16
Audit
Dedaub BENQI Ignite Audit — findings tableDedaub H1 and M1 marked resolved; Ignite contracts in private repo, no public commit SHA diff availableretrieved 2026-05-16

Methodology #

Count the number of findings the audit report marks "Resolved" or "Fixed" where no matching on-chain bytecode change or verifiable commit can be found.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol benqi factor RD-F-003 score yellow collected_at 2026-05-16 11:02:12