Euler V2

Modular lending platform built on two core primitives: the Euler Vault Kit (EVK, permissionless ERC-4626 lending vaults) and the Ethereum Vault Connector (EVC, cross-vault collateral routing). Also includes EulerSwap, a novel AMM DEX where vaults supply liquidity directly. Completely rewritten from scratch after the Euler V1 $197M exploit in March 2023. Deployed on 16 EVM chains with Ethereum as primary (89% of TVL).

Sector evm_lending

TVL $379.6M

Reviewed May 12, 2026

Factors 184

Categories 13

Risk score 12.2

DeploymentsEthereum · $337.6M

Risk profile at a glance

0 red · 3 yellow · 7 green

25 24 17 13 15 22 16 10 13 12 8 5 4

Categories & evidence

184 factors · 13 categories

Code & audits Green 8 25 of 25

RD-F-002 yellow Audit recency Most recent audit covering deployed EVK code: Electisec setLTV report added Jan 24 2025 (GitHub commit 396f8e55). Assessment date 2026-05-04. Days since: ~465 days. Yellow band: 366-730 days. Core EVK/EVC last fully audited pre-launch (before Sep 2024). EulerSwap and Euler Earn are newer tracks but exact audit dates not confirmed in this assessment. RD-F-006 yellow Audit-to-deploy gap Cantina competition ended 2024-06-17; mainnet launch 2024-09-04. Gap = 79 days. Yellow band: 61-180 days. Post-competition yAudit fixes report incorporated before launch, partially mitigating drift risk. RD-F-009 yellow Formal verification coverage Certora performed formal verification (Certora_EVK_report.pdf in audits directory). Cantina competition included $100K FV prize pool. Exact invariant coverage % not publicly extractable without PDF access. FV engagement confirmed but coverage cannot be confirmed >=80%. RD-F-010 yellow Static-analyzer high-severity count No Slither/Mythril/Semgrep tool run performed (T-10 dry run constraint). Source review of 8 core modules (Vault, Borrowing, Liquidation, Token, Initialize, RiskManager, BalanceForwarder, Governance) shows consistent nonReentrant guards, immutable module targets, no SELFDESTRUCT, no user-controlled delegatecall. 12+ audit firms and Cantina competition (572 submissions) are strong proxy. Yellow pending tool run. RD-F-016 yellow Divide-before-multiply pattern No Slither tool run performed. Source review of critical arithmetic paths did not reveal obvious divide-before-multiply. 12+ audit firms and Cantina competition are strong proxy. Yellow pending tool run. RD-F-018 yellow Signed/unsigned arithmetic confusion No symbolic execution performed. Solidity 0.8.24 has built-in overflow/underflow revert protection, mitigating most signed/unsigned confusion. No issues surfaced in any secondary source from 12+ audit firms. Yellow pending tool run.

RD-F-001 green Audit scope mismatch EVault implementation 0x8Ff1C814 is Etherscan-verified Exact Match at compiler v0.8.24+commit.e11b9ed9, optimizer 20000 runs, EVM Cancun. 12+ audit firms cover pre-launch code; post-launch setLTV fix audited by Electisec (Jan 2025) and M4rio.eth (Feb 2025). OZ EVC audit at commit 69626eba. No unaudited material divergence between audit corpus and deployed bytecode.

RD-F-003 green Resolved-without-proof findings yAudit competition fixes report covers post-Cantina-competition remediation. OZ EVC audit: 0 critical/high; 4 of 5 low findings resolved, 1 acknowledged (floating pragma). Electisec setLTV and M4rio.eth setLTV audits confirm setLTV fix was separately reviewed. No evidence of findings marked Resolved without corresponding commit/bytecode proof.

RD-F-004 green Audit count 12+ distinct audit firms confirmed: Spearbit, OpenZeppelin (x2), ChainSecurity, Certora, Omniscia, yAudit (x2), Cantina (competition), Electisec (x2), EnigmaDark, M4rio.eth. Trail of Bits, Zellic, Hunter Security named in pre-launch announcement. Euler Price Oracle separately audited by 6 firms. Far exceeds green threshold of >=2 firms.

RD-F-005 green Audit firm tier Tier-1 firms confirmed: Spearbit, OpenZeppelin, Certora, Trail of Bits, Zellic. Tier-2: ChainSecurity, Omniscia, Electisec (formerly yAudit), EnigmaDark. Cantina competition ($1.25M prize pool, 572 submissions). Well above green threshold (at least one Tier-1 audit of deployed code).

RD-F-007 green Bug bounty presence & max payout Active Cantina-hosted bug bounty since 2024-08-21. Maximum payout: $7,500,000 (USDC + rEUL + USUAL tokens). In scope: EVC, EVK, Euler Price Oracle, Reward Streams, Fee Flow, Euler Earn, EulerSwap. Green: max payout far exceeds $500K threshold.

RD-F-008 green Ignored bounty disclosure No V2 exploits confirmed. Data cache rekt.incidents = []. No post-mortem evidence of ignored disclosure for V2. V1 exploit (2023) was pre-V2 and unrelated to V2 codebase.

RD-F-011 green SELFDESTRUCT reachable from non-admin path SELFDESTRUCT not found in any reviewed module (Vault, Borrowing, Governance, BalanceForwarder, Token, Initialize, Liquidation, Base). GenericFactory uses BeaconProxy/MetaProxy — no CREATE2+selfdestruct pattern. Dencun EIP-6780 limits SELFDESTRUCT semantics on 0.8.24+ contracts.

RD-F-012 green delegatecall with user-controlled target use() modifier in Dispatch.sol performs delegatecall to module addresses, but all module addresses are stored as immutable state variables set in the constructor via DeployedModules struct. Target is NOT user-controlled — it is fixed at deployment. This is the correct pattern and not a vulnerability.

RD-F-013 green Arbitrary call with user-controlled target No arbitrary external calls with user-controlled targets found in reviewed modules. EVC address is immutable; module addresses are immutable; balanceTracker is immutable. External calls restricted to pre-validated protocol addresses.

RD-F-014 green Reentrancy guard on external-calling functions nonReentrant confirmed on all core external-calling state-mutating functions: borrow(), repay(), repayWithShares(), pullDebt(), flashLoan(), touch() (Borrowing); deposit/withdraw (Vault); liquidate() (Liquidation); transfer(), transferFrom() (Token). EVC deferred liquidity check pattern preserves atomicity.

RD-F-015 green ERC-777/1155/721 hook without reentrancy guard Token.sol implements standard ERC-20 only. No ERC-777 tokensReceived, ERC-1155 onReceived, or ERC-721 onReceived callbacks integrated. EVK vaults interact with ERC-20 underlying assets only.

RD-F-017 green Mixed-decimals math without explicit scaling EVK vaults are single-asset per vault — no cross-decimal arithmetic within core EVK. Cross-asset scenarios route through EVC liquidity check calling vault-reported share prices. Euler Price Oracle handles cross-asset pricing and was audited by 6 firms for precisely this pattern.

RD-F-019 green ecrecover zero-address return unchecked No ecrecover calls found in reviewed EVK modules (Vault, Borrowing, Token, Initialize, RiskManager, BalanceForwarder, Governance, Liquidation). Permit2 (immutable address, Uniswap's well-audited library) handles signature verification internally with proper zero-address guard.

RD-F-020 green EIP-712 domain separator missing chainId EVK core contracts do not implement EIP-712 domain separators directly. Signed message functionality for permit approvals is delegated to Permit2 (Uniswap's library, pinned at cc56ad0f), which includes chainId in its domain separator. No cross-chain replay risk from EVK itself.

RD-F-021 green UUPS _authorizeUpgrade correctly permissioned EVK does not use UUPS proxy pattern. GenericFactory deploys BeaconProxy (upgradeable via setImplementation() by upgradeAdmin) or MetaProxy (immutable). No _authorizeUpgrade() function — factor is N/A by construction. Beacon upgrade controlled by upgradeAdmin role.

RD-F-022 green Public initialize() without initializer modifier initialize(address proxyCreator) is public virtual reentrantOK in InitializeModule — no OZ initializer modifier. But re-init is prevented by custom boolean guard: constructor() { initialized = true; } (sets flag on implementation, blocks any re-init); initialize() checks if (initialized) revert E_Initialized(). Functionally equivalent to OZ _disableInitializers(). Pattern reviewed by 12+ audit firms including Spearbit and OZ with no critical findings.

RD-F-023 green Constructor calls _disableInitializers() InitializeModule constructor() { initialized = true; } achieves the same protection as OZ _disableInitializers(). Implementation contract cannot be initialized — the boolean flag blocks any call to initialize() before any proxy delegates to it. Custom but audited equivalent.

RD-F-024 green Code complexity vs audit coverage Cantina competition scope: 4915 LOC (EVC 980, EVK 3093, EPO 450, Reward Streams 392). 572 submissions over ~28 days plus 12 prior firm audits. Modular architecture (~200-400 LOC per module) aids auditability. Audit coverage relative to code size is exceptionally high.

RD-F-183 green Bug bounty scope gap on highest-TVL contracts Active Cantina bounty explicitly covers EVK (vaults returned by verifiedArray() from perspective contracts), EVC, Euler Price Oracle, Reward Streams, Fee Flow, Euler Earn, EulerSwap. EVK and EVC are highest-TVL contracts ($337M on Ethereum). Only development branches and third-party integrations are out of scope. No scope gap for highest-TVL contracts.

Governance & admin Green 12 24 of 24

RD-F-026 yellow Upgrade multisig signer configuration (M/N) Operational multisig is 4-of-8 (6 Euler Labs + 2 Foundation Directors) per Nov 2025 forum update. Factory Timelock proposer is DAO multisig 0xcAD001c. Security Council (0xb3b84e) threshold not confirmed on-chain but labeled distinct. 4-of-8 is below >=5-of-8 peer norm for $338M TVL. RD-F-028 yellow Low-threshold multisig vs TVL 4-of-8 Operational multisig controlling $338M ETH TVL. Peer norm for this TVL band is >=5-of-8 (Aave 5-of-9, Compound community standard). Security Council (0xb3b84e83) exact threshold not confirmed on-chain. 4-of-8 is materially safer than 2/3 but below peer norm. RD-F-029 yellow Multisig signers co-hosted Signer identities not disclosed ('cannot be revealed for security reasons' per foundation docs). 6 of 8 signers are Euler Labs employees — high co-affiliation concentration. Infrastructure/ASN data not assessable. RD-F-033 yellow Timelock on sensitive actions Upgrades: 4-day timelock (green). Parameter changes: 48h Wildcard timelock (green). Pause/emergency: bypass timelock by design (emergency role). Oracle config: 48h Wildcard timelock (green). EUL mint: ADMIN_ROLE callable without explicit timelock on mint itself (only supply cap protects). 4 of 5 action types timelocked — mint is the gap. RD-F-036 yellow Flash-loanable voting weight EUL uses ERC20Votes with block-based checkpoints (getPastVotes). Same-block flash loan governance attack is theoretically possible (borrow tokens, delegate, vote in same block before delegation checkpoint updates). Key mitigants: 48h timelock post-vote-passage; quorum 815,480 EUL (~$1.1M at $1.40/EUL) not flash-loanable at scale; no major EUL flash-loan venue identified. Not green because checkpoint pattern has known theoretical vulnerability. RD-F-039 yellow delegatecall/call in proposal execution without allowlist EUL DAO TimelockController uses call() not delegatecall() for proposal execution. No target allowlist exists — any address can be a proposal target. Timelock delay (48h) and Security Council CANCELLER_ROLE provide soft protection. call() without allowlist means malicious proposals can call arbitrary external contracts. Lower severity than delegatecall but no allowlist. RD-F-042 yellow Admin has mint() with unlimited max EUL token mint() callable by ADMIN_ROLE. Hard supply cap of 27,182,818 EUL prevents unlimited dilution. Additional per-event cap (~2.71% of supply), 30-day interval, and time-restricted before June 2025. ADMIN_ROLE holder (treasury/multisig) can mint without explicit timelock on the mint function itself. Supply cap protects against infinite mint but ADMIN_ROLE compromise could still dilute to cap. RD-F-047 yellow Governance token concentration (Gini) Euler Multisig (0x25Aa4a) holds 1,582,845 EUL (~8% of 19.8M circulating supply). Co-founder lost $3.8M in EUL (hardware failure) — evidence of significant individual concentration. Gini coefficient not computed (full holder list not available). Top wallet share >=8% circulating suggests moderate-high concentration. RD-F-030 gray Hot-wallet signer flag Signer addresses not publicly disclosed; hot-wallet behavioral assessment not possible from available data.

RD-F-025 green Admin key custody type Layered admin model: protocol-level upgrades go through eVault Factory Timelock (4-day delay, DAO multisig proposer). Per-vault: recommended GovernorAccessControlEmergency with dual 48h timelocks. EVC is deployed singleton. No single EOA controls protocol admin.

RD-F-027 green Single admin EOA No single EOA holds protocol admin role. Deployer EOA (0xEe009FAF) renounced DEFAULT_ADMIN_ROLE on eVaultFactory Governor at block 21531316 (2025-01-01). DAO multisig is proposer for Factory Timelock. Per-vault governors use multisig+timelock pattern. eVault Factory Timelock admin (deployer EOA) is residual timelock self-admin role only, not a vault admin path.

RD-F-031 green Signer rotation recency Nov 2025 multisig restructuring was a role recategorization (Treasury->Operational), not a threshold reduction. No 14-day precursor pattern (threshold reduction + timelock removal within 14 days) identified. Security Council signer rotation not disclosed but no reduction event found.

RD-F-032 green Timelock duration on upgrades Admin Timelock (0xBfeE): 172,800s (48h). eVault Factory Timelock (0xfb034): 345,600s (4 days). EUL DAO Timelock (0xd4Ee): 172,800s (48h). Wildcard Timelock (0x1b8C): ~172,800s (48h per docs). All >=48h green threshold.

RD-F-034 green Guardian/pause-keeper distinct from upgrader GovernorAccessControlEmergency separates GUARDIAN_ROLE (emergency pause, Euler Labs/Gauntlet/partners) from upgrade DEFAULT_ADMIN_ROLE (held by Admin Timelock, DAO-controlled). Two distinct roles held by distinct addresses.

RD-F-035 green Role separation: upgrade ≠ fee ≠ oracle Upgrade role: Admin Timelock (0xBfeE). Fee collection: feeFlowController (0xFcd3Db06). Oracle config: oracleAdapterRegistry (0xA084A7) + per-vault governor. Three distinct addresses/contracts hold the three roles.

RD-F-037 green Quorum achievable via single-entity flash loan Quorum = 815,480 EUL. No Aave/Compound/Balancer EUL flash-loan pool at this scale identified. Flash-loan acquisition of 815K EUL in single block requires a dedicated pool that does not exist at sufficient depth. Single-entity flash-loan quorum achievement is not practically feasible.

RD-F-038 green Proposal execution delay < 24h On-chain voting period: 2 days. EUL DAO Timelock minimum delay: 48h. Total minimum execution delay: 4 days (2d vote + 48h timelock). Well above 48h threshold.

RD-F-040 green Emergency-veto multisig present Security Council multisig (0xb3b84e83) holds CANCELLER_ROLE on eVault Factory Timelock. DAO also holds CANCELLER_ROLE. Two distinct cancellers exist, separate from proposer. Security Council is a multisig (Safe 1.4.1).

RD-F-041 green Rescue/emergencyWithdraw without timelock No rescue() or emergencyWithdraw() function found in EVault source. skim() exists for surplus balance recovery but is not an admin drain path — it routes through EVC and requires depositor interaction. Emergency guardians can pause but cannot drain user funds.

RD-F-043 green Admin = deployer EOA after 7 days Deployer EOA (0xEe009FAF00CF54C1B4387829aF7A8Dc5f0c8C8C5) renounced DEFAULT_ADMIN_ROLE on eVaultFactory Governor at block 21531316 (2025-01-01). Deployer is not a functional admin at assessment date. The eVault Factory Timelock constructor admin is deployer EOA but this is the timelock's own role-management admin, not a vault operational role.

RD-F-044 green Admin wallet interacts with flagged addresses No OFAC-listed or mixer-interaction transactions identified for DAO multisig (0xcAD001c, 173 txs: EUL/USD0 transfers, ETH movements) or Labs multisig in visible Etherscan history. No cluster-feed data available but no visible red flags.

RD-F-045 green Constructor args match governance proposal eVault Factory Timelock constructor args (proposer=DAO multisig 0xcAD001c, minDelay=345600) are consistent with published governance architecture in docs. No material discrepancy identified.

RD-F-046 green Contract unverified on Etherscan/Sourcify All core contracts verified on Etherscan with Exact Match status: EVC (0x0C9a3dd6), EVault impl (0x8Ff1C814), eVaultFactory (0x29a56a1b), GovernorAccessControlEmergency (0x35400831), eVaultFactoryGovernor (0x2F13256), all four timelocks, EUL token. Verified at launch.

RD-F-167 green Deprecated contract paused but pause reversible by live admin Euler V1 is deprecated and a separate deployment from V2. V2 shares no code with V1. V2 has no deprecated contracts identified. V1 deprecated state is out of scope for V2 governance assessment.

Oracle & external dependencies Yellow 31 17 of 17

RD-F-057 red Circuit breaker on price deviation No in-adapter circuit breaker exists in any euler-price-oracle adapter. No maxDeviationBps, price-guard, or cross-oracle deviation check is present in ChainlinkOracle, PythOracle, UniswapV3Oracle, or EulerRouter. The EVK vault logic does not implement a protocol-level price-deviation circuit breaker. If a Chainlink feed returns its minAnswer/maxAnswer-clamped value during a crash, the protocol cannot detect or reject the anomalous price. This is a design limitation — no deviation-based circuit breaker at any layer. RD-F-049 yellow Oracle role per asset No secondary/fallback oracle at the adapter layer — each ChainlinkOracle, PythOracle, UniswapV3Oracle serves a single feed. Fallback is only available if vault uses EulerRouter with govSetFallbackOracle(). For vaults NOT using EulerRouter (including permissionless vaults), the single adapter is both primary and only source. Official Euler Prime cluster expected to use EulerRouter — not universally confirmed. RD-F-050 yellow Dependency graph (protocols depended upon) Dependency graph: Chainlink (19+ feeds), Pyth Network, UniswapV3 pools (TWAP), Lido (wstETH rate), Pendle (market TWAP), RedStone, Balancer rate providers. EVC is an immutable singleton dependency with no upgrade path — accepted design risk. EulerSwap creates vault-to-AMM circular dependency. One non-redundant dependency (EVC) with significant protocol-wide impact if a bug were discovered. RD-F-051 yellow Fallback behavior on oracle failure Per-adapter fallback: ChainlinkOracle reverts (PriceOracle_TooStale) on stale data — no last-known-price fallback. PythOracle reverts on exceeded maxStaleness. UniswapV3Oracle: no staleness check beyond TWAP period. EulerRouter can have govSetFallbackOracle() configured; if set, failed primary routes to fallback. Without EulerRouter fallback, oracle failure = vault operation halt. No universal fallback; vault-specific based on EulerRouter usage. RD-F-053 yellow Oracle source = spot DEX pool (no TWAP) [★ CRITICAL] UniswapV3Oracle adapter has MIN_TWAP_WINDOW = 5 minutes (immutable constant in source). Permissionless vault deployers can configure vaults with 5-minute TWAP on any Uniswap V3 pool. Official Euler Prime cluster uses Chainlink (not spot DEX). Not red because the high-TVL official cluster uses Chainlink-tier oracles. Yellow because the protocol infrastructure structurally permits F053-class oracle configurations on permissionless vaults with no protocol-level guard. RD-F-054 yellow TWAP window duration UniswapV3Oracle: minimum 5-minute TWAP window (below 30-minute taxonomy threshold), immutable post-deploy. Actual window per adapter deployment varies and cannot be universally verified without enumerating all ~200+ live adapters. PendleOracle: TWAP window configurable at deploy, immutable post-deploy. Pyth: maxStaleness capped at 15 minutes (not a TWAP). Chainlink: no TWAP (push model). Factor is yellow because UniswapV3Oracle min falls below 30-min threshold; cannot rule out sub-30-min deployments in live vaults. RD-F-056 yellow Single-pool oracle (no medianization) ChainlinkOracle reads a single aggregator per asset — no medianization within the adapter. UniswapV3Oracle reads a single immutable pool. EulerRouter routes to one oracle per pair (no medianization at router level). Chainlink aggregators themselves aggregate across multiple data nodes — this provides external medianization, but the adapter only reads the aggregated result from one feed address. No cross-venue medianization at the protocol layer. RD-F-059 yellow Oracle staleness check present ChainlinkOracle: staleness check present — reverts with PriceOracle_TooStale when block.timestamp - updatedAt > maxStaleness. PythOracle: staleness check present (maxStaleness capped at 15 min). UniswapV3Oracle: no explicit staleness check — relies on TWAP period. Chainlink USDT/USD maxStaleness = 86400s (24h) per data-cache heartbeat; USDC/USD = 82800s (23h). These generous thresholds allow significant staleness windows before revert — up to 24h for stablecoin feeds. Taxonomy threshold for volatile assets is 3600s; stablecoins exceed this significantly. RD-F-060 yellow Chainlink aggregator min/max bound misconfig ChainlinkOracle reads latestRoundData() and extracts the answer, but does NOT read or validate the aggregator's minAnswer or maxAnswer circuit-breaker bounds. If the underlying Chainlink aggregator's minAnswer floor is triggered during a market crash (e.g., ETH drops below the floor), ChainlinkOracle returns the clamped minAnswer value without any error signal — allowing over-valuation of crashed collateral. This is the Venus/Compound ETH/USD floor-bug class. Scored yellow (not red) because: (a) Chainlink's minAnswer values for major assets like ETH/USD are set very conservatively (effectively $0.01 floor), limiting realistic exploitation; (b) the scenario requires an extreme market crash to a price below Chainlink's floor. RD-F-180 yellow Immutable oracle address [★ CRITICAL-CANDIDATE, PD-017] EVK whitepaper explicitly states: 'Each vault has the address of a price oracle installed. This address is immutable and cannot be changed, even by the vault governor.' ChainlinkOracle.sol confirms: 'address public immutable feed;'. UniswapV3Oracle.sol: 'address public immutable pool;'. All adapter parameters (feed address, pool address, maxStaleness, twapWindow) are immutable state variables. The recommended mitigation is EulerRouter — a governable wrapper that can redirect pricing queries without changing the vault's immutable oracle address. However: (1) Not all vaults are required to use EulerRouter; (2) Permissionless vaults with direct adapters have no oracle replacement path; (3) The fraction of TVL-bearing vaults using EulerRouter vs. direct adapters is not confirmed. Yellow (not red) because EulerRouter mitigation exists and is promoted by official documentation; red would require evidence that high-TVL official vaults forgo EulerRouter. FLAG: PD RD-F-181 yellow Permissionless-pool lending oracle EVK is a fully permissionless vault creation system — GenericFactory allows anyone to create vaults. Vault creators can configure UniswapV3Oracle with any Uniswap V3 pool and a 5-minute minimum TWAP window. No protocol-level liquidity floor, token-age minimum, or TWAP minimum requirement is enforced at vault creation time. The Perspectives system (Euler Ungoverned 0x Perspective, Euler Ungoverned nzx Perspective) filters which vaults appear in the official UI but does not prevent vault creation or restrict oracle choice. Rhea Finance pattern (fake pool seeding + spot oracle manipulation → fake token borrowing) is structurally feasible on permissionless Euler vaults. Yellow (not red) because: (a) Perspectives filter provides UI-level protection for sanctioned vaults; (b) permissionless vault risks are user-accepted; (c) no actual exploit of this class confirmed on Euler V2. RD-F-052 n/a Breakage analysis per dependency [downgraded: only curator_note evidence] Per-dependency breakage: Chainlink feed stale → vault borrow/liquidation halts (vault-specific, not protocol-wide). USDT/USD has 86400s (24h) heartbeat — up to 24h stale data before revert. Pyth failure → Pyth-oracle vaults halt. UniswapV3 manipulation → over-borrowing against manipulated collateral. Lido failure → wstETH-vaults misprice. EVC bug → all vaults on that chain affected (no recovery path). Partial analysis; full breakage mapping requires per-vault oracle enumeration not completed here. RD-F-055 gray Oracle pool depth (USD) Cannot assess without RPC access to enumerate all UniswapV3Oracle pool addresses and query on-chain liquidity. Chainlink feeds (ETH/USD, BTC/USD) draw on external data with deep underlying markets. UniswapV3Oracle pool depth is vault-specific and not enumerable from source alone. Gap noted — would require on-chain enumeration of all live oracle adapter deployments. RD-F-058 gray Max-deviation threshold (bps) N/A — no circuit breaker exists (F057 scored red). No maxDeviationBps or equivalent threshold to record.

RD-F-048 green Oracle providers used 8 adapter types confirmed: ChainlinkOracle (primary for major assets, 19 feeds in cache), PythOracle (pull-based, multi-chain), UniswapV3Oracle (TWAP, configurable window), LidoOracle (wstETH/stETH rate), PendleOracle (Pendle market TWAP), RedstoneCoreOracle (pull), RateProviderOracle (Balancer), FixedRateOracle (stablecoins). EulerRouter serves as composable wrapper. All major established providers are represented.

RD-F-061 green LP token balanceOf used for pricing No standard euler-price-oracle adapter uses balanceOf for pricing. LidoOracle reads wstETH.stEthPerToken() (rate function). PendleOracle uses Pendle on-chain TWAP interface. RateProviderOracle calls getRate(). EulerSwap integration uses vault share accounting — not LP token balanceOf. No donation-manipulation pricing vector identified in the oracle adapter library.

RD-F-062 green External keeper/relayer not redundant Euler V2 does not depend on a centralized keeper for core protocol functions. Liquidations in EVK are permissionless — any address can execute liquidation. EulerSwap AMM operates as a standard AMM with no keeper dependency. No Gelato, Chainlink Automation, or single-keeper dependency identified in profile §7 or architecture documentation. Keeper-less by design.

Economic risk Yellow 20 13 of 13

RD-F-063 yellow TVL (current + 30d trend) Current TVL $379.6M (DefiLlama 2026-05-04). 30d trend -27.21%. 12-month peak ~$3.15B (Q3 2025). Peak-to-current drawdown ~88%. 1d change +0.95% suggesting tentative stabilization. Protocol remains above $100M coverage floor threshold. Sustained material decline is a yellow signal for TVL trend. RD-F-066 yellow Utilization rate (lending protocols) Cache-reported 209.72% utilization is a double-counting artifact from nested vault positions (flagged in profile §4). Six-month blog (March 2025) shows 43% utilization at $671M TVL with $231M active loans. Alea Research identifies Euler as having the highest utilization globally, consistently above 50%. Per-vault on-chain reads not performed. Estimated current range 40-55% for major vaults. Yellow due to inability to verify per-vault utilization precisely and elevated utilization signal relative to peers. RD-F-068 yellow Collateralization under stress EVK uses per-vault health factor model (risk-adjusted collateral value > liability). No single collateralization ratio applies. Euler Prime correlated-asset vaults: 85-93% LLTV. Uncorrelated vaults: 65-80% LLTV. Curator stress simulation not performed. The 88% TVL drawdown and prevalent ETH/LST collateral base raises the plausibility of collateralization pressure during stress scenarios, though no confirmed breach is documented. Yellow: no confirmed undercollateralization, but stress test not independently verified. RD-F-071 yellow Seed-deposit requirement for new market listing EVK whitepaper recommends (but does not mandate) that vaults have some small initial deposit as a defensive measure. Vault creation is permissionless — deployer can create with zero initial supply. The virtual deposit mechanism (F074) mitigates share-inflation risk even for empty vaults, but a new empty vault with a thin oracle-feeding pool remains manipulable via direct token donation if VIRTUAL_DEPOSIT is insufficiently large. No hard protocol-enforced seed-deposit listing gate exists. Yellow: protection is architectural but not enforced as a required listing condition. RD-F-072 yellow Market-listing governance threshold Market listing is fully permissionless: any ERC-20 vault can be deployed via EVK factory without governance approval or DAO vote. Governance type (Governed / Ungoverned / Finalized) is set at vault deploy. Risk-managed clusters (Euler Prime, Euler Yield) use external curator governance (Gauntlet, Objective Labs) but this is not a protocol-level governance gate. Yellow: permissionless listing enables novel market creation but also permits listing of low-quality or manipulable assets in ungoverned vaults without safety checks. RD-F-073 yellow Oracle-manipulation-proof borrow cap Borrow caps exist as governor-configurable per-asset parameters, enforced at batch completion (whitepaper). For Chainlink-fed vaults (ETH/USD, BTC/USD, USDC/USD — see oracle feed list in data cache), manipulation resistance is high and caps are likely well-sized. However, EVK supports UniswapV3Oracle TWAP adapters (profile §7); for vaults using these, cap adequacy relative to TWAP pool depth is unverified. Per-vault cap-vs-pool-depth analysis not performed at OSINT tier. Yellow: caps confirmed present; adequacy against TWAP oracle manipulation unverified for all vaults. RD-F-064 gray TVL concentration (top-10 wallet share) On-chain depositor concentration scan not performed. EVK's permissionless multi-vault model across 16 chains requires vault-by-vault enumeration to assess top-10 depositor share. DefiLlama does not expose depositor-level concentration for EVK vaults. Dune Analytics queries return 403. Gap documented; not yet assessed. RD-F-065 gray Liquidity depth per major asset Liquidity depth at 2%/5% price impact not assessable from OSINT-tier tools. EulerSwap is the integrated DEX surface; pool depth requires live DEX subgraph or on-chain pool reads which are not accessible. EVK lending liquidity is addressed separately via market register and utilization rate (F066). Gap documented. RD-F-070 n/a Empty cToken-style market (zero supply/borrow) N/A — NOT APPLICABLE. Euler V2 (EVK) is not a Compound V2 fork. The cToken share-accounting model does not exist in EVK. Per taxonomy PD-024: RD-F-070 ★ is N/A for non-Compound-fork protocols. ERC-4626 share-inflation risk is assessed under F074 and F075. Critical ★ does not fire. Gray represents N/A (not gray from missing evidence).

RD-F-067 green Historical bad-debt events No V2 bad debt events confirmed. `rekt.incidents` in data cache is empty. The April 2026 KelpDAO rsETH exploit triggered precautionary market freezes at Euler; public reports indicate no significant bad debt accumulated due to swift action. V1 $197M exploit (2023) was on a now-deprecated, clean-slate-rewritten codebase. Bad debt socialization mechanism is present in EVK (default enabled; governor can disable) but has not been publicly triggered post-V2 launch.

RD-F-069 green Algorithmic / under-collateralized stablecoin Euler V2 is a collateralized lending protocol, not an algorithmic or under-collateralized stablecoin. Some accepted collateral includes novel yield-bearing stablecoins (USR, USD0++) but these are external tokens, not protocol-issued. The protocol does not issue an algorithmic stablecoin. Factor is green by protocol type.

RD-F-074 green ERC-4626 virtual-share offset (OZ ≥4.9) EVK implements a native virtual deposit mechanism as inflation guard. Formula from whitepaper: exchangeRate = (cash + totalBorrows + VIRTUAL_DEPOSIT) / (totalShares + VIRTUAL_DEPOSIT). This is functionally equivalent to OZ >=4.9 virtual-share offset. Euler's own blog post on exchange rate manipulation in ERC-4626 vaults confirms the mechanism is live and was specifically designed to prevent first-depositor inflation. Cantina 2025 security assessment found no high/medium severity issues in these surfaces. Green: confirmed protection, though exact VIRTUAL_DEPOSIT constant value not extracted (medium confidence).

RD-F-075 green First-depositor / share-inflation guard First-depositor / share-inflation guard confirmed present via multiple independent sources. Virtual deposit mechanism ensures exchange rate is well-defined even with zero shares, preventing rounding-based attacks. Vault.sol includes zero-share revert guard (E_ZeroShares). Rounding direction control (toSharesDown/Up) further constrains attack surface. Cantina 2025 security engagement confirmed no high/medium issues in these surfaces. The EVK was purpose-built to address this attack class as documented in Euler's own security blog.

Operational history Green 12 15 of 15

RD-F-077 yellow Prior exploit count 1 incident attributed to same team/brand/governance lineage (V1 hack 2023-03-13, $197M, fully recovered). V2 codebase has zero in-protocol incidents across 20 months live. Attribution rationale: same team (Euler Labs), same governance token (EUL DAO), same protocol brand. Root cause (donateToReserves health check omission) is architecturally absent in EVK — but team-level incident history counts. RD-F-084 yellow TVL stability (CoV over 90d) CoV not computable (DeFiLlama daily series unavailable via WebFetch — known structural gap per process-learnings). Directional assessment: TVL declined from $3.15B peak (Q3 2025) to $380M (May 2026) = -88% from peak; -27.21% trailing 30d. High volatility over any 90-day window containing Q3 2025 peak. Scored yellow (medium confidence). Context: decline driven by broader market conditions and sector-wide KelpDAO panic (April 2026), not a V2-specific failure. Production pipeline should pre-fetch daily TVL series. RD-F-085 yellow Incident response time (minutes) V1 exploit began ~08:50 UTC on 2023-03-13. Euler team blocked the vulnerable module same day. First public acknowledgment via CoinTelegraph article 'Euler Finance blocks vulnerable module, working on recovering funds' published March 13, 2023. Estimated response window: 2–4 hours. Exact minute-level timestamp not available from public WebFetch sources. Scored yellow (medium confidence): 2–4 hours likely falls in yellow band (60–360 min) rather than green (<60 min). Strong qualitative response despite quantitative uncertainty. RD-F-089 yellow Insurance coverage active Active Nexus Mutual cover for Euler V2 confirmed: 'Euler v2 Vaults + Markets' listed in YO ETH Vault Multi Protocol Cover annex (15% sublimit) and in Elite Cover documentation. Coverage against smart contract hacks, oracle failure, oracle manipulation, liquidation failure, governance takeovers. Cover size for V2 not explicitly quantified relative to $380M TVL. Scored yellow: coverage exists and is active, but size relative to TVL not confirmable. V1 Nexus Mutual claim: $2.4M paid (2023). V1 Sherlock claim: $4.5M paid (Sherlock accepted responsibility for audit failure). RD-F-078 n/a Chronic-exploit flag (≥3 incidents) [downgraded: only curator_note evidence] Incident count = 1. Chronic flag threshold is ≥3. Not triggered. RD-F-079 n/a Same-root-cause repeat exploit [downgraded: only curator_note evidence] Only 1 incident in brand history; cannot have a same-root-cause repeat. V1 root cause (donateToReserves) is architecturally absent in EVK — no eToken/dToken system. No repeat risk from V1 root cause. RD-F-080 n/a Days since last exploit [downgraded: only curator_note evidence] V1 exploit 2023-03-13 to assessment 2026-05-04 = 782 days. V2 has had zero exploits in 607 days live. Display value: 782 days since any brand-level incident. RD-F-088 n/a Re-deployed to new addresses in last year [downgraded: only curator_note evidence] No full address-set retirement/redeploy in last 12 months. V2 is expanding to new chains (16 chains as of May 2026), but new chain deployments are expansions, not replacements. EVault factory-generated vault addresses are protocol-native behavior. GitHub last commit: 2026-03-13.

RD-F-076 green Protocol age (days) V2 live since 2024-09-04; 607 days at assessment date 2026-05-04. Clears A-grade 12-month minimum.

RD-F-081 green Post-exploit response score Post-exploit response quality for V1 incident scored 5/5: (1) Full recovery — $240M returned by 2023-04-03; (2) Technical PM published within days (Omniscia Medium post named contracts, code paths, eIP-14 delta); (3) Root cause fully disclosed — donateToReserves health-check omission specifically named; (4) Operational recovery — complete V2 rebuild, $4M security spend, 29+ audits. Sherlock paid $4.5M insurance claim accepting responsibility.

RD-F-082 green Post-mortem published within 30 days Omniscia technical post-mortem published within days of the March 13, 2023 exploit. Well within the 30-day threshold. Rekt.news also published a detailed analysis contemporaneously.

RD-F-083 green Auditor re-engaged after last exploit After V1 exploit: Euler Labs engaged 13+ firms for 29+ audit reports across the entirely new V2 codebase ($4M spend). Firms include Spearbit, OpenZeppelin, ChainSecurity, Certora, Omniscia, yAudit, Cantina (competition), Trail of Bits, Zellic, Electisec, EnigmaDark. Cantina competition (May–June 2024, $1.25M prize pool) found zero high/medium issues. Hats Finance CTF ($3.5M) also failed to breach V2.

RD-F-086 green Pause activations (trailing 12 months) 1 deliberate pause activation in trailing 12 months: rsETH and wrsETH market freeze on April 18–20, 2026, following the KelpDAO bridge exploit ($292M). Pause initiated by Euler pause guardians (two security monitoring firms + Euler Labs Ops multisig) to prevent use of stolen unbacked rsETH as collateral. Preventive action — not triggered by a V2 exploit. Pause guardian system functioned as designed. No full-protocol pause.

RD-F-087 green Pause > 7 consecutive days No evidence of any pause exceeding 7 consecutive days. The April 2026 rsETH market freeze was a per-market freeze (not a full protocol pause) and was not sustained for more than a few days while risk managers assessed the situation.

RD-F-166 green Deprecated contracts still holding value Euler V1 contracts (euler-xyz/euler-contracts, Ethereum mainnet) are officially deprecated since March 2023. DeFiLlama API confirms V1 TVL = $0 continuously since March 2023 exploit — all funds returned via hacker negotiation by April 2026. Deprecated surface holds $0 in assets. Green threshold: deprecated contracts hold $0. No F166 risk.

Real-time signals Gray 0 22 of 22

Dev identity & insider risk Green 4 16 of 16

RD-F-114 yellow Deployer address prior on-chain history Deployer 0xee009faf00cf54c1b4387829af7a8dc5f0c8c8c5 funded Nov 2021 (tx 0x7810dd1c...) from an unlabeled intermediate EOA (0xd638d712...EA7c26b79 per Etherscan truncated display). No CEX label confirmed on the hop-1 funder; no mixer label either. Activity span Nov 2021 to Feb 2026 shows consistent Euler protocol deployment activity (V1 and V2 contracts). No linked-to-prior-rug classification. Ambiguous intermediate funder (not confirmed CEX, not confirmed mixer) warrants yellow on this factor specifically — normal-dev-history likely but 1 hop unconfirmed. RD-F-117 yellow ENS/NameStone identity bound to deployer No ENS primary record bound to deployer 0xee009faf00cf54c1b4387829af7a8dc5f0c8c8c5. Etherscan label 'Euler: Deployer' provides equivalent organizational identification. Standard for institutional/organizational protocol deployers. ENS binding absent but organizational identity is established via other means. RD-F-184 gray Real-capital social-engineering persona No curator-flagged evidence that any Euler team contributor or external integrator persona has deployed ≥$1M of real-capital deposits to Euler V2 or peer protocols as a social-engineering credibility-build. The Drift/UNC4736 reference pattern (F184's defining case) involves a long-duration in-person conference build-up — no analogous pattern detected for Euler. Team identities are publicly registered and institutionally funded. M-only curation required; gray is correct absent curator-verified positive signal.

RD-F-111 green Team doxx status Real-name doxxed across all three founding directors. Michael Bentley (Dr, Oxford PhD Mathematical Biology 2011-2016, British), Douglas Hoyte (Canadian, blockchain developer), Jack Prior (UK, resigned Mar 2024). New CEO Jonathan Han (American, University of Pennsylvania). Kasper Pawlowski (Polish, director Feb 2026). All listed as directors at UK Companies House, Euler Labs Ltd, Co. No. 12863550. Euler Foundation legal wrapper. Highest doxxing tier.

RD-F-112 green Team public accountability surface Multiple verifiable public trails per key member. Bentley: LinkedIn, Twitter/X @euler_mab, Oxford credentials, Into the Bytecode ep.48, The Block Crypto Beat ep.4, YouTube video interviews, Crunchbase, CypherHunter, ETHDenver speaker. Hoyte: GitHub hoytech (100+ repos, 500+ stars), ETHDenver 2024 speaker (Euler Vault Kit presentation video confirmed), whitepaper authorship, The Org profile. Han: LinkedIn, The Tie SVP BD role publicly documented. Accountability surface among higher tier in DeFi lending category.

RD-F-113 green Team other-protocol involvement history No prior rug or exit-scam affiliations for any named team member. Bentley's prior work was academic research at Oxford. Hoyte's prior work is open-source software (hoytech GitHub). Jack Prior resigned cleanly in March 2024. Euler V1 was a legitimate protocol that suffered an external flash-loan exploit; team negotiated full return of ~$197M — the opposite of a rug. No hacksdatabase or REKT News attribution of any Euler team member as perpetrator.

RD-F-115 green Prior rug/exit-scam affiliation No team member linked via verified OSINT to a prior rug or exit scam. Coinbase Unit 0x investigation of the V1 exploit confirmed the attacker was an external exploiter, not a team member. REKT News and hacksdatabase have no Euler team attribution as perpetrators. V1 fund recovery (full ~$197M returned) is the strongest available signal for team integrity.

RD-F-116 green Contributor tenure at admin-permissioned PR Core engineering contributors (Doug Hoyte, Kasper Pawlowski per Companies House director appointment) have multi-year tenure at Euler Labs (company founded Sept 2020). The euler-xyz GitHub org shows consistent contributor history on euler-vault-kit and ethereum-vault-connector through 2022-2024. No evidence of a short-tenure (<90 day) contributor making admin-permissioned code changes for V2 deployment.

RD-F-118 green Handle reuse across failed/rugged projects No social handle for any Euler team member has been associated with a prior rugged or failed project under a different alias. @euler_mab (Bentley) has been the consistent Twitter/X handle since Euler's founding in 2020. @eulerfinance protocol account is consistent. Doug Hoyte's GitHub handle 'hoytech' predates DeFi and is his long-standing open-source identity. No handle-reuse-across-rugged-projects found.

RD-F-119 green Commit timezone consistent with stated geography Qualitative review of euler-xyz GitHub commit timestamps: distribution consistent with UK/European business hours (Bentley, London-based entity) and Canadian hours (Hoyte). No anomalous concentration of commits in North Korean business-hour windows (UTC+9, night-time for UK/Canada). Euler Labs Ltd is UK-registered; team geography is publicly stated as UK/EU.

RD-F-120 green Video-off/voice-consistency flag Michael Bentley appears on video at ETHDenver, The Block Crypto Beat (video ep.4), 'From Crisis to Comeback' YouTube interview, Into the Bytecode podcast. Doug Hoyte presented live at ETHDenver 2024 (Euler Vault Kit talk, video clip confirmed on X/Twitter). Jonathan Han appears in institutional-focused materials. No video-off pattern for founding team members. Voice and timezone consistent with stated UK/Canadian geography.

RD-F-121 green Contributor OSINT depth score Curator-scored 4/5. Bentley: LinkedIn (Oxford PhD, Euler Labs CEO), Twitter/X 20k+ followers, multiple video/podcast interviews, CypherHunter and Crunchbase profiles, UK Companies House director. Hoyte: GitHub hoytech (100+ repos, consistent open-source history since pre-DeFi era), ETHDenver speaker, whitepaper co-author, The Org profile. Han: LinkedIn (U Penn, The Tie SVP BD). Not 5/5 because Kasper Pawlowski has a thin public trail (director since Feb 2026, limited independent documentation beyond Companies House).

RD-F-122 green Contributor paid to DPRK-cluster wallet No evidence that Euler Labs team contributor wallets have payment paths ≤ 3 hops to DPRK-labeled cluster. Euler Labs was funded via Haun Ventures, Variant, Jump Crypto, and others in a $32M raise — institutional VC funding paths trace to regulated entities, not DPRK-proximate addresses. EUL DAO treasury compensation routes through on-chain governance proposals to institutional multisigs. No contributor payment to DPRK-routed wallet found.

RD-F-123 green Sudden admin-rescue/ACL change without discussion No non-routine admin-rescue or ACL change found without corresponding governance discussion in the past 180 days (Nov 2024 – May 2026). The Euler v2 per-vault governor model routes parameter changes through documented eIP process: forum RFC → Snapshot vote → on-chain execution. 'Prepare EVK Factory for Pause Guardians' RFC (Sept 17 2024) was posted publicly before implementation (posted by 'doug' = Doug Hoyte; 0 replies but publicly disclosed). eIP 62 (Feb 25 2025, 'Optimistic Risk Management: timelocked risk stewards and limited rapid response') addresses the ACL/governor change process directly. Emergency guardian roles (Euler Labs, Gauntlet) are documented in governance architecture, not hidden. No undiscussed admin-rescue event identified.

RD-F-124 green Deployer wallet mixer-funded within 30 days V2 deployed September 2024. The 30-day pre-deploy window is August 2024. Deployer 0xee009faf00cf54c1b4387829af7a8dc5f0c8c8c5 was funded approximately November 2021 — ~34 months before the V2 deploy — well outside the 30-day critical window. Etherscan shows no Tornado Cash, Railgun, or other mixer label on the deployer address or its immediate funder address (0xd638d712...EA7c26b79, which carries no mixer label). No mixer interaction identified in the 30-day pre-V2-deploy window.

RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus No confirmed DPRK/Lazarus proximity within 3 hops for the Euler Labs deployer or any named team member wallet. Team directors are UK/Canadian/American/Polish nationals registered with UK Companies House. The V1 exploit hacker (an external attacker) sent 100 ETH to a Ronin-linked Lazarus address in March 2023; this is adversarial external action, not a team-wallet interaction. The V1 hacker subsequently returned all ~$197M, strongly inconsistent with DPRK state-sponsored actors. Chainalysis did not confirm DPRK attribution to the V1 exploit. OFAC SDN: no Euler Labs team wallet identified on SDN list.

Fork / dependency lineage Green 0 10 of 10

RD-F-126 n/a Is-a-fork-of Euler V2 is NOT a fork. It is an entirely original codebase built after the March 2023 V1 exploit. Euler Labs explicitly states V2 is a complete rewrite. GitHub euler-xyz/euler-vault-kit has no upstream fork relationship. Architecture (EVK + EVC) is original with no known precedent. RD-F-127 n/a Upstream patch not merged Not a fork — no upstream exists to have unmerged patches from. Factor is moot. RD-F-128 n/a Upstream vulnerability disclosure (last 90d) Not a fork — no upstream vulnerability disclosure applies. Factor is moot. RD-F-129 n/a Code divergence from upstream (%) Not a fork — code divergence from upstream is undefined for original protocols. Factor is moot. RD-F-130 n/a Fork depth (generations from original audit) Euler V2 is the original (generation 0). No fork chain exists. Factor is moot. RD-F-131 n/a Fork retains upstream audit coverage Not a fork — factor asks about upstream audit coverage carried into a fork. Euler V2 has its own comprehensive audit coverage (12+ firms). Factor as phrased is moot; EVK audit coverage is assessed under Cat 1. RD-F-132 n/a Fork has different economic parameters than upstream Not a fork — factor asks whether fork's economic parameters differ from upstream audited defaults. Euler V2 parameters are novel (per-vault LTV, per-vault oracle). Factor is moot.

RD-F-133 green Dependency manifest uses unpinned versions .gitmodules shows 4 dependencies all pinned to exact commit SHAs: openzeppelin-contracts (e682c7e5 = v5.0.2), ethereum-vault-connector (084b32284b), forge-std (b6a506db), permit2 (cc56ad0f). No ^ or ~ version ranges. All critical libraries pinned to exact version.

RD-F-134 green Dependency had malicious-release incident (last 90d) No GHSA or npm advisory found for malicious releases of openzeppelin-contracts v5.0.2, ethereum-vault-connector, forge-std, or permit2 in trailing 90 days (Feb-May 2026). All deps are pinned to exact commit SHAs — new malicious releases would not auto-update.

RD-F-135 green Shared-library version with known-vuln status OZ contracts pinned to v5.0.2 (commit e682c7e5). Known high/critical OZ advisories affect versions <4.3.2 or <4.7.3 — all below 5.0.2. Snyk reports v5.6.0+ shows 0 vulnerabilities; v5.0.2 is between 4.7.3 and 5.6.0, above all patched advisory thresholds. No active high/critical GHSA for OZ v5.0.2 found. EVC pinned (euler-xyz own code, separately audited). Permit2 (Uniswap) mature library with no active critical advisories.

Post-deploy hygiene & change mgmt Green 9 13 of 13

RD-F-136 yellow Deployed bytecode matches signed release tag EVC v1.0.1 released with commit SHA (2024-11-20). EVK audits cite commit SHAs. Full bytecode-to-signed-tag verification requires code-security-analyst toolchain comparison. No mismatch observed in available data but full verification not completed. RD-F-142 yellow Storage-layout collision risk across upgrades EVault uses beacon proxy: all vaults share one implementation. setImplementation() atomically changes all vaults. Storage layout continuity is critical across upgrades. Certora FV was conducted pre-launch but specific storage layout collision check not separately confirmed. Code-security-analyst should verify OZ upgrades plugin storage layout diff. RD-F-145 yellow Deployed bytecode reproducibility Foundry build system confirmed (foundry_toml_present=true, optimizer_enabled=true, optimizer_runs=20). Build instructions available in repo. Bytecode reproducibility expected but explicit curator reproduction attempt not performed. RD-F-168 gray Stale-approval exposure on deprecated router Euler V2 has no deprecated routers. V1 is a separate deprecated deployment; V2 shares no contract surface with V1. Stale approval exposure to V1 contracts is an ops-history concern (Cat 5), not a V2 post-deploy hygiene finding. RD-F-185 gray Bridge rate-limiter / chain-pause as positive mitigant Euler V2 has no bridge component. EVC is an EVM-only singleton on each chain with no cross-chain bridge. layerzero.present=false confirmed in data cache. F185 (bridge rate-limiter / chain-pause) is not applicable.

RD-F-137 green Upgrade frequency (per 90 days) No Upgraded events identified in recent 90-day Etherscan history for EVault implementation or EVC. GitHub last commit 2026-03-13 does not confirm a deployment. Upgrade frequency is 0 in trailing 90 days based on available data.

RD-F-138 green Hot-patch deploys without timelock (last 30 days) No hot-patch (timelock-bypassed) upgrades in last 30 days. eVault Factory Timelock has 4-day delay; Admin Timelock has 48h delay. No CallExecuted events bypassing timelock identified in available Etherscan data.

RD-F-139 green Post-audit code changes without re-audit 29+ pre-launch audits covering launch bytecode. Post-competition reviews: Electisec setLTV, EnigmaDark EVK, M4rio.eth setLTV — all covering post-competition changes. GitHub last commit 2026-03-13 requires explicit verification that no unaudited deployment occurred. No material unaudited post-launch change identified in available evidence.

RD-F-140 green Fix-merged-but-not-deployed gap No known security-fix PRs merged but undeployed identified. Competition findings addressed in yAudit_competition_fixes_report.pdf with Electisec follow-up audit.

RD-F-141 green Test-mode parameters in deploy Constructor args for timelocks use production-appropriate values (minDelay=172800/345600, proposer=DAO multisig). No test-mode parameters (test oracle, infinite allowance, admin=deployer) identified in deployed configuration.

RD-F-143 green Reinitializable implementation (no _disableInitializers) EVault implementation constructor sets initialized=true via custom boolean guard. Initialize.sol: 'if (initialized) revert E_Initialized(); initialized = true'. Constructor also sets initialized=true to prevent direct initialization of the implementation. Functionally equivalent to _disableInitializers() for this implementation. Custom pattern, not OZ standard — code-security-analyst should verify proxy takeover vector coverage.

RD-F-144 green CREATE2 factory permits same-address redeploy GenericFactory uses standard new BeaconProxy() or minimal meta proxy — no CREATE2 with selfdestruct pattern. No same-address redeploy pathway identified.

RD-F-146 green New contract deploys in last 30 days Per-vault creation via eVaultFactory is normal operational activity (753 historical factory txs). No anomalous burst of deployer activity in last 30 days identified. GitHub last commit 2026-03-13 does not confirm deployment.

Cross-chain & bridge Gray 0 12 of 12

Threat intelligence & recon Gray 0 8 of 8

RD-F-158 n/a Known-threat-actor cluster has touched protocol [downgraded: only curator_note evidence] Chainalysis (2023) documented 100 ETH from Euler V1 exploiter to Ronin/Lazarus-linked address. Attribution confidence: low-medium (Chainalysis noted possible false flag). V1 exploiter money, not Lazarus wallet touching V2 contracts. No confirmed DPRK cluster interaction with V2. Yellow due to V1 tangential Lazarus link and protocol class being within DPRK target preference (large EVM lending). RD-F-159 gray Attacker wallet pre-strike probe (low-gas failing txs) Requires mempool listener + threat-actor cluster feed. No probe pattern identified. RD-F-160 n/a GitHub malicious-dependency incident touching protocol deps [downgraded: only curator_note evidence] No malicious dependency advisory flagged for OZ or foundry packages in last 90 days. RD-F-161 n/a Protocol-impersonator domain registered (typosquat) [downgraded: only curator_note evidence] No confirmed typosquat identified but domain-monitoring feed not queried (requires paid WHOIS monitoring). Euler is a recognizable $380M TVL brand. Yellow due to monitoring gap + high-value target profile. RD-F-162 n/a Known-exploit-template selector deployed by any address [downgraded: only curator_note evidence] No exploit-template contract for V2 deployed and identified. V1 donateToReserves pattern is inapplicable to V2 architecture. RD-F-163 n/a Avg attacker reconnaissance time for peer-class protocols [downgraded: only curator_note evidence] Peer-class EVM lending protocols have 30-78 day reconnaissance windows (T-01 evidence). No specific reconnaissance wallet cluster identified on V2 in lookback window. Active whitehats (510 Cantina submissions since Aug 2024) represent legitimate researcher engagement vs malicious recon. RD-F-164 n/a Leaked credential on paste/sentry site [downgraded: only curator_note evidence] No paste-site or credential-dump reference to Euler V2 infra found. Requires continuous paste-monitoring feed for full coverage. RD-F-165 gray Protocol social channel has scam-coordinator flag Requires curator social watchlist. No positive identification. Euler Discord/X presence not confirmed via direct URL in this assessment.

Tooling / compiler / AI Green 0 5 of 5

RD-F-171 n/a Bytecode similarity to audited upstream with behavior deviation Euler V2 is the original — there is no audited upstream to compare bytecode against for AI-copy-risk detection. Factor designed for fork/copy scenarios. N/A for original protocols.

RD-F-170 green Solc version used (known-bug versions flagged) EVK (EVault implementation): v0.8.24+commit.e11b9ed9, EVM Cancun. EulerSwap: v0.8.27+commit.40a35a09, EVM Cancun. Both confirmed on Etherscan with Exact Match. Solcbuginfo check: 0.8.24 not on known-bug list. TransientStorageClearingHelperCollision (high) starts at 0.8.28 — neither version affected. No Vyper contracts.

RD-F-172 green Repo shows AI-tool co-authorship in critical files Last 5 commits inspected (SHAs 5b98b420, adfef08e, 422bf244, 396f8e55, 06001111) show human authors (kasperpawlowski, erik1o6, hoytech). No co-authored-by GitHub Copilot or ChatGPT Code Interpreter trailers found in visible commit messages. Commit messages are routine (SECURITY.md, audit report additions, setLTV fix).

RD-F-173 green Team self-disclosure of AI-generated Solidity No public blog post, tweet, or documentation from Euler Labs disclosing AI-generated Solidity in security-critical paths found. Given 29-report pre-launch audit process and $4M security investment, AI-generated code in critical paths would have been flagged by auditors. Absence of disclosure is noted; confidence is low.

RD-F-174 green Dependency tree uses EOL Solidity version EVK compiled at 0.8.24 (current, not EOL). EulerSwap at 0.8.27 (current). OZ v5.0.2 supports 0.8.x. foundry.toml: optimizer=true, 20000 runs, EVM Cancun — all current supported parameters. BSL-1.1 modules (src/EVault/modules/) compiled at same version. No EOL Solidity version detected.

Response & disclosure hygiene Yellow 25 4 of 4

RD-F-176 red Disclosure SLA public No acknowledgment-time SLA published. Checked: SECURITY.md (fetched 2026-05-04), Cantina program page (fetched 2026-05-04), docs.euler.finance/security/bug-bounty/ (fetched 2026-05-04). None of these documents specify an acknowledgment window. The program is mature in bounty size ($7.5M) but lacks a published response commitment. Red: no SLA published.

RD-F-175 green Disclosure channel exists Active Cantina-hosted bug bounty program since 2024-08-21 with $7.5M max payout. Program URL: https://cantina.xyz/bounties/4d285eee-602e-440a-845e-25e155cec26a. SECURITY.md present in euler-xyz/euler-vault-kit (security@euler.xyz for inquiries, Cantina for reports). 510 submissions as of profile date. Green: active channel with evidence of active monitoring (510 submissions indicates researchers are actively engaging).

RD-F-177 green Prior known-ignored disclosure No evidence of a disclosed vulnerability being ignored prior to any exploit. For V1: the donateToReserves vulnerability was not reported via bug bounty or responsible disclosure before the exploit. It was an audit gap — Sherlock audited eIP-14 and missed the health check omission; Omniscia explicitly noted the function was out of their scope. No 'disclosed but ignored' pattern. V2 has no prior incidents. Green.

RD-F-178 green CVE/GHSA advisory issued against protocol No CVE or GHSA advisory issued against euler-vault-kit or ethereum-vault-connector repos. GitHub security tab for euler-xyz/euler-vault-kit explicitly states 'There aren't any published security advisories.' Web search for GHSA/CVE against euler-vault-kit returned no results. Green: no active advisory.

rubric_version v1.7.0 graded_at 2026-05-12 04:38:07 factors 184 protocol euler-v2