defirisk.co
rubric v1.7.0

Admin has mint() with unlimited max

Liquity V1 + V2 (LUSD / BOLD)'s assessment for RD-F-042 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

BOLD token mint() is restricted to BorrowerOperations (BO) and ActivePool (AP) contract addresses — internal protocol contracts, not an admin EOA. Guard: _requireCallerIsBOorAP(). Owner cannot grant mint to arbitrary addresses. Ownership renounced post-setup via _renounceOwnership() called in setCollateralRegistry(). Minting structurally bounded by CDP collateral mechanics — no mint without corresponding collateral. LUSD (v1) similarly had no admin-callable mint.

Sources #

  • GitHub
    BoldToken.sol — Liquity bold GitHubBoldToken.sol: _requireCallerIsBOorAP() guard on mint(); setCollateralRegistry() calls _renounceOwnership() — owner cannot change mint permissions post-setupretrieved 2026-05-16
  • Etherscan
    BOLD Token Contract — EtherscanBOLD token 0x6440f144b7e50d6a8439336510312d2f54beb01d verified source — mint restricted to BO+AP; owner renouncedretrieved 2026-05-16

Methodology #

Determine whether an admin-callable `mint` on a protocol token has no supply cap or an unlimited maximum supply.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol liquity factor RD-F-042 score green collected_at 2026-05-16 10:35:50