★ Immutable oracle address

Falcon Finance's assessment for RD-F-180 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[★ CANDIDATE — FLAG FOR T-14 PD-017] Oracle address immutability cannot be assessed. USDf ERC20 and sUSDf ERC4626 contracts contain no oracle address variables. Collateral pricing oracle consumption occurs in an unidentified minting controller — not publicly documented or labeled on Etherscan.

Detail #

Etherscan readContract for USDf impl (0x3aDf34C...) shows only: balanceOf, allowance, totalSupply, name, symbol, decimals, nonces, hasRole, getRoleAdmin, isRestricted, DOMAIN_SEPARATOR, eip712Domain. No oracle address, setOracle, updateFeed, or immutable oracle variable visible. The MINTER_ROLE holder (which calls USDf.mint()) is the entity that would embed oracle consumption logic — this entity has not been publicly identified. Protocol is functionally closed-source at the oracle-adapter layer despite ERC20/ERC4626 contracts being verified. Flagged for T-14 per PD-017.

Sources #

Docs
Falcon Finance Smart Contracts Documentationdocs.falcon.finance/resources/smart-contracts — no minting controller contract listedretrieved 2026-05-12
Etherscan
USDf Implementation Contract — EtherscanEtherscan 0x3aDf34C09DAC24E4BAeFB1b1df4C2992edC2b789 readContract — no oracle address state variablesretrieved 2026-05-12

Methodology #

Determine whether any collateral oracle address is marked `immutable` in protocol config with no admin-replaceable adapter wrapper, preventing the protocol from repricing when the upstream asset depegs.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol falcon-finance factor RD-F-180 score gray collected_at 2026-05-12 04:06:37