New contract with similar bytecode to exploit template

Concrete's assessment for RD-F-094 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Similar-bytecode new-deploy sweep requires on-chain contract deployment monitoring and exploit-template database. ConcreteStandardVaultImpl and ConcreteFactory are public bytecode references that could be cloned. Not operational in static assessment.

Sources #

GitHub
Concrete V2 bug bounty repo — public bytecode surfaceBlueprint-Finance/concrete-earn-v2-bug-bounty — ConcreteStandardVaultImpl.sol and ConcreteFactory.sol are public bytecode referencesretrieved 2026-05-17

Methodology #

Detect whether a freshly deployed contract has high bytecode similarity to a known exploit template targeting this protocol class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol concrete factor RD-F-094 score gray collected_at 2026-05-17 14:36:59