Mixed-decimals math without explicit scaling

Centrifuge's assessment for RD-F-017 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

V3/V3.1 ERC-7540 vaults handle tokenized RWA assets in stable currencies (USDC 6 decimals, DAI 18 decimals). Multiple audit engagements reviewed multi-token arithmetic. Code4rena 2023 noted rounding issues in maxDeposit/maxMint (medium severity, resolved). Centrifuge's hub-and-spoke design propagates pricing from hub with explicit decimal normalization expected in NAVManager. Static analysis not run locally.

Sources #

Audit
https://code4rena.com/reports/2023-09-centrifugeretrieved 2026-04-27

Methodology #

Determine whether shared numerator/denominator arithmetic operates over tokens with different decimals without WAD/RAY normalization or explicit decimal-adjustment.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol centrifuge factor RD-F-017 score yellow collected_at 2026-04-30 21:19:10