Breakage analysis per dependency
Cap (cUSD / stcUSD)'s assessment for RD-F-052 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Aave V3 failure: >80% USDC reserves unavailable for redemption; fractional reserve gap; redemption run risk. Symbiotic slash failure: operator default uncompensated; stcUSD yield impaired; peg risk. Oracle failure: mint/burn halted (operational, not direct loss if no manipulation). LayerZero DVN compromise: forged lzReceive; unbacked cUSD/stcUSD minted on MegaETH; collateral drain. Morpho adapter: stcUSD mispriced in Morpho markets. Yellow because Aave V3 concentration is the dominant risk: >$273M in a single external protocol. EigenLayer secondary coverage path partially mitigates Symbiotic risk.
Sources #
- URLKelpDAO LayerZero exploit analysis (bridge dependency scenario)Kelp DAO $292M exploit forensic analysis as analogous bridge dependency failure scenarioretrieved 2026-05-17
- Cap protocol docs: Symbiotic/EigenLayer breakage analysisdocs.cap.app/llms-full.txt: Symbiotic 7-day epoch model; slashing mechanism for operator default; EigenLayer 17.5-day delayretrieved 2026-05-17
- Cap Aave integration confirmationAave blog confirming >80% cUSD reserves deployed to Aave V3 Core Ethereum; Aave V3 is critical fractional reserve dependencyretrieved 2026-05-17
- PriceOracle.sol oracle failure analysisPriceOracle.sol primary/backup fallback architecture; oracle failure path: revert on both failretrieved 2026-05-17
Methodology #
Produce a short per-dependency text describing which protocol functions halt or degrade and impact severity if each declared dependency fails.
See the full factor methodology and distribution across all protocols →