ERC-4626 virtual-share offset (OZ ≥4.9)
BENQI's assessment for RD-F-074 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
qiTokens are Compound V2-style cTokens, NOT ERC-4626 vaults. The ERC-4626 virtual-share offset pattern (OZ >=4.9) is not applicable to cToken architecture. The analogous cToken first-minter/donation-attack risk is assessed under F070 (empty cToken market) and F071 (seed-deposit). No ERC-4626 vault module identified in BENQI's primary product suite (lending/, sAVAX/, veQI/ per GitHub structure).
Sources #
- URLBENQI Smart Contracts — GitHub repository structureBENQI GitHub — repo structure shows lending/ (cToken-style), sAVAX/, veQI/ — no ERC-4626 module identifiedretrieved 2026-05-16
Methodology #
Determine whether ERC-4626 vaults use OpenZeppelin ≥4.9 virtual-share offset pattern to prevent first-depositor share-inflation.
See the full factor methodology and distribution across all protocols →