★ Admin has mint() with unlimited max

Centrifuge's assessment for RD-F-042 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

CFG ERC-20 (0xcccCCCcCCC33D538DBC2EE4fEab0a7A1FF4e8A94) has mint(address to, uint256 value) callable by ward-authorized addresses. No hard supply cap in the contract; mint is bounded only by the ward access control system. Annual inflation is governed off-chain (3% protocol parameter, not a contract-enforced cap).

Sources #

Etherscan
https://etherscan.io/token/0xcccccccccc33d538dbc2ee4feab0a7a1ff4e8a94retrieved 2026-04-27

Methodology #

Determine whether an admin-callable `mint` on a protocol token has no supply cap or an unlimited maximum supply.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol centrifuge factor RD-F-042 score yellow collected_at 2026-04-30 21:19:10