defirisk.co
rubric v1.7.0

Deployed bytecode matches signed release tag

Lombard Finance's assessment for RD-F-136 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GitHub repo has 2,179 commits on main; last commit 2026-04-20. No confirmed signed release-tag convention. Audit PDFs reference specific commit hashes (e.g., Veridise V2 commit b42ac63) but full deployed-bytecode-to-signed-tag correspondence is unconfirmed.

Sources #

  • URL
    https://github.com/lombard-finance/evm-smart-contracts/tree/main/docs/auditretrieved 2026-05-05
  • GitHub
    https://github.com/lombard-finance/evm-smart-contractsretrieved 2026-05-05

Methodology #

Determine whether the deployed runtime bytecode corresponds to a signed git tag in the protocol's repository.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lombard factor RD-F-136 score yellow collected_at 2026-05-05 12:03:08