defirisk.co
rubric v1.7.0

Audit-to-deploy gap

deBridge's assessment for RD-F-006 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

For DLN EVM Upgrades: Halborn signed off 2024-12-30. DlnSource impl `0x322B481` deployed (as upgrade target) 2025-12-08 — that is 343 days after the audit. DlnDestination impl `0xE540eb6` deployed 2026-02-13 — 410 days after. These exceed the ≤60-day green threshold significantly and exceed the ≤180-day yellow threshold, pointing to red for the gap. For DeBridgeGate (2022 audit to 2022 deploy), gap was within normal range. Overall driven by DLN implementations: red threshold breached.

Sources #

  • Curator note
    Extracted from 01-code-security.md — RD-F-006 finding; no URL cited in originalretrieved 2026-04-28

Methodology #

Measure the number of days between the audit report sign-off date and the mainnet deploy of the audited bytecode.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol debridge factor RD-F-006 score yellow collected_at 2026-04-28 01:27:58