Upstream patch not merged

Centrifuge's assessment for RD-F-127 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

N/A — protocol is not a fork; no upstream exists. No DeFi protocol vulnerability patches are applicable as unmerged. The Wormhole bridge dependency had a $326M hack in February 2022 but Wormhole security updates are managed by Wormhole's team; Centrifuge integrates via the Wormhole Relayer API.

Sources #

GitHub
https://github.com/centrifuge/protocolretrieved 2026-04-27

Methodology #

Determine whether the upstream fork source has published a known-vulnerability patch that has not been merged into this fork's deployed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol centrifuge factor RD-F-127 score not_applicable collected_at 2026-04-30 21:19:10