★ Default bytes32(0) acceptable as valid root

deBridge's assessment for RD-F-154 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

NOT APPLICABLE in Nomad sense: deBridgeGate is NOT a Merkle-root-based system. It is a threshold-signature submission system with no committedRoot, acceptableRoot, or confirmAt mapping. Nomad bytes32(0)-as-valid-root class vulnerability does not exist in this architecture.

Sources #

GitHub
https://github.com/debridge-finance/debridge-contracts-v1/blob/main/contracts/transfers/DeBridgeGate.solretrieved 2026-04-28

Methodology #

Determine whether the bridge inbox accepts a default-value (bytes32(0)) Merkle root as a valid proof root (Nomad bug class).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol debridge factor RD-F-154 score green collected_at 2026-04-28 01:27:58