defirisk.co
rubric v1.7.0

New ERC-20 approval to unverified contract from whale

Chainlink CCIP's assessment for RD-F-096 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

v2-deferred. User-level ERC-20 approval monitoring to CCIP Router (0x80226fc0ee2b096224eeac085bb9a8cba1146f7d) or unverified contracts masquerading as CCIP contracts is a user-protection signal. No evidence of whale approvals to unverified contracts via public data. P2 signal; consumer-app scope per T-09 §3.3.

Sources #

  • Etherscan
    CCIP Router — EtherscanCCIP Router (Ethereum): 0x80226fc0ee2b096224eeac085bb9a8cba1146f7d — immutable per design; user approvals to this address are legitimate protocol interactionsretrieved 2026-05-16

Methodology #

Detect whether a top-TVL depositor grants a new token approval to an unverified contract that interacts with this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-096 score gray collected_at 2026-05-16 01:55:09