defirisk.co
rubric v1.7.0

M^0

EVM-compatible, immutable stablecoin issuance infrastructure: permissioned Minters post off-chain T-bill collateral to mint $M; Two-Token Governance (TTG) manages protocol parameters via StandardGovernor/EmergencyGovernor/ZeroGovernor.

Sector rwa
TVL $325.5M
Reviewed May 16, 2026
Factors 184
Categories 13
Risk score 15.0
Deployments Ethereum · $325.5M
01 Risk profile at a glance

1 red · 2 yellow · 10 green
02 Categories & evidence

184 factors · 13 categories
Code & audits Green 14 25 of 25
RD-F-007 red Bug bounty presence & max payout No active public bug bounty program identified at $325.5M TVS. Immunefi: no M0 listing. Cantina: no M0 listing. docs.m0.org audits page: no mention of bounty. No security@ email published. KAST on Immunefi is an ecosystem extension (solana-m-extensions), not M^0 core. Structural absence of whitehat economic incentive at this TVL tier.
RD-F-183 red Bug bounty scope gap on highest-TVL contracts No active public bug bounty program identified for M^0. Immunefi: no listing. Cantina: no listing. docs.m0.org: no mention. No security@ email. At $325.5M TVS, the core MToken and MinterGateway contracts (majority of TVS) have zero public bounty coverage. KAST on Immunefi is an ecosystem extension (solana-m-extensions), not M^0 core. Structural scope gap at this TVL tier.
RD-F-002 yellow Audit recency Most recent audit is Dec 2025-Feb 2026 periphery coverage (Sherlock, Halborn, Adevar, ChainSecurity, Guardian). Core protocol + TTG last fully audited Jan-Apr 2024 (~24 months ago). SwapFacility periphery last audited Aug 2025 but has since been upgraded Feb 24 2026. Core is immutable so age is acceptable; live proxy surface has a post-audit upgrade gap.
RD-F-003 yellow Resolved-without-proof findings Kirill Fedoseev H-01 fixed; M-02 (validator signature retrieval manipulation) and I-07 (absence of key rotation mechanism) acknowledged as design trade-offs. Seven other PDF audits not directly parseable; resolution status inferred from clean deployment. No post-launch exploits. Acknowledged findings represent deliberate design decisions, not unresolved bugs.
RD-F-021 yellow UUPS _authorizeUpgrade correctly permissioned Core contracts are immutable — no proxy/upgrade. SwapFacility uses TransparentUpgradeableProxy (no _authorizeUpgrade needed — ProxyAdmin restricts upgrades). HubPortal (ERC1967/UUPS) should define _authorizeUpgrade restriction in implementation. Covered by M-Portal and M-Extensions audits but implementation source not directly inspected for this factor.
RD-F-023 yellow Constructor calls _disableInitializers() SwapFacility implementation (0x45bF08d0) constructor does NOT include _disableInitializers() — sets mToken and registrar then calls __init(). HubPortal impl source not directly inspectable. WrappedM and core contracts N/A (no proxy/initializer). Certora/ChainSecurity M-Extensions audits (Jul-Aug 2025) did not flag this as critical. Handoff to governance-admin-analyst for F143 assessment.
RD-F-010 gray Static-analyzer high-severity count No published Slither or Mythril static analysis report found. GitHub CI workflows include Certora FV and invariant testing but no SAST (Slither/Mythril) CI workflow found in .github/workflows tree. No third-party published static analysis output found via web search. Requires a tool run, which was not feasible in this assessment.
RD-F-001 green Audit scope mismatch Nine firms audited core protocol + TTG at Jan-Apr 2024 commits (Kirill Fedoseev lists Common 0a0cae40, Protocol 5e5a4877, TTG da995f37). All nine core contracts verified on Etherscan as Exact Match using solc 0.8.23+commit.f704f362. No mismatch for immutable core contracts. SwapFacility 2026-02-24 upgrade post-dates audit but assessed under F139.
RD-F-004 green Audit count Core protocol + TTG covered by 8 distinct firms: Quantstamp, Three Sigma, Certora, ChainSecurity, OpenZeppelin, Prototech Labs, Kirill Fedoseev, Sherlock. Periphery has 3-5 firms per component. Total 26+ distinct engagement instances across all M0 deployments. Exceptional multi-firm coverage.
RD-F-005 green Audit firm tier Tier-1 coverage: OpenZeppelin, ChainSecurity, Certora (FV) cover the core. Additional Tier-1: OtterSec (Solana), ConsenSys Diligence. Tier-2: Three Sigma, Quantstamp, Prototech Labs, Sherlock, Guardian, Halborn, ChainLight, OtterSec, Sec3. Three Tier-1 firms on core contracts is exceptional.
RD-F-006 green Audit-to-deploy gap Core audits ended ~April 2024; deployed May 7 2024 (block 19,818,431). Gap ~1-4 weeks, well within 60-day threshold. WrappedM: audited Jul-Aug 2024, deployed Aug 14 2024 (<2 weeks). HubPortal: audited then deployed Feb 19 2025. All within acceptable drift window.
RD-F-008 green Ignored bounty disclosure No incidents found in profile; rekt.incidents cache is empty. No public evidence of a pre-exploit disclosed vulnerability that was ignored. M^0 has no prior security incidents as of 2026-05-16.
RD-F-009 green Formal verification coverage Certora conducted genuine formal verification: certora/ directory with CVL specs and certora_verification.yml CI in m0-foundation/protocol; separate Certora/M0-Protocol fork with formal specs. Prototech Labs delivered invariant test suite Jan-Feb 2024. Covers critical protocol invariants (earner rate indexing, collateral accounting, minting constraints). Exceptionally strong FV posture.
RD-F-011 green SELFDESTRUCT reachable from non-admin path Source inspection of MToken.sol, MinterGateway.sol, ContinuousIndexing.sol reveals no selfdestruct opcode. Core contracts are immutable (no CREATE/SELFDESTRUCT). Proxy implementations (HubPortal, SwapFacility) use OZ-standard UUPS/Transparent patterns — no selfdestruct. Source inspection is deterministic for this pattern.
RD-F-012 green delegatecall with user-controlled target MinterGateway uses only staticcall for rate model reads (read-only, immutable target addresses). MToken.sol: no delegatecall. No user-controlled delegatecall target found in source inspection. Governor execution path is Cat 9 scope.
RD-F-013 green Arbitrary call with user-controlled target MinterGateway external calls target only known immutable addresses (mToken, ttgVault, validator addresses). No arbitrary call(user-supplied-target, user-supplied-data) pattern in core contracts. SwapFacility covered by ChainSecurity/Certora M-Extensions audits Jul-Aug 2025.
RD-F-014 green Reentrancy guard on external-calling functions MinterGateway uses CEI pattern — state mutations (delete _mintProposals[msg.sender]) precede external calls (IMToken.mint()). No explicit nonReentrant modifier but CEI is correct pattern. ERC-20 transfers do not use attacker-controlled callbacks. Covered by Certora FV and Prototech invariant tests.
RD-F-015 green ERC-777/1155/721 hook without reentrancy guard $M token (MToken) is standard ERC-20 without token-callback hooks. Protocol does not accept ERC-777/ERC-1155/ERC-721 tokens as collateral — collateral is off-chain T-bills attested by validators, not on-chain tokens. No ERC-777 callback vector exists by architecture.
RD-F-016 green Divide-before-multiply pattern ContinuousIndexingMath.sol uses explicit divideDown/divideUp and multiplyDown/multiplyUp wrappers with deliberate rounding semantics. MinterGateway uses explicit rounding in collateral accounting. Certora FV covers arithmetic invariants. No divide-before-multiply pattern detected in source review.
RD-F-017 green Mixed-decimals math without explicit scaling $M uses 6 decimals; all rate model math uses explicit indexed scaling via ContinuousIndexingMath. No multi-token collateral deposit path (collateral is off-chain). No mixed-decimal scenario in core mint/burn math. Certora FV would flag arithmetic divergences.
RD-F-018 green Signed/unsigned arithmetic confusion Solidity 0.8.x built-in overflow checks mitigate most signed/unsigned confusion at compile time. Protocol uses uint256 throughout for amounts and indices. Certora FV and Prototech invariant tests cover arithmetic correctness. No evidence of signed/unsigned casting issues.
RD-F-019 green ecrecover zero-address return unchecked MinterGateway uses SignatureChecker.isValidSignature() abstraction rather than raw ecrecover. OZ SignatureChecker handles address(0) check internally. Kirill Fedoseev H-01 (validator double-counting related to signature validation) was Fixed. No raw unguarded ecrecover found in source inspection.
RD-F-020 green EIP-712 domain separator missing chainId MToken implements EIP-2612 (permit) and EIP-3009 (authorization). Sherlock contest and Certora FV covered EIP-712 compliance. MZero-Labs/common library used for ERC-20 Extended including EIP-712. No cross-chain replay finding in any of 8 audit firm reports — consistent with proper chainId inclusion.
RD-F-022 green Public initialize() without initializer modifier Core contracts (MToken, MinterGateway, Registrar, three governors, PowerToken): immutable, constructor-only initialization, no initialize() function. WrappedM impl: constructor-only. SwapFacility impl (0x45bF08d0): has initialize() and initializeV2() but uses OZ Initializable (initializer modifier). HubPortal impl: initialize() with OZ Initializable. No unguarded public initialize() without modifier found.
RD-F-024 green Code complexity vs audit coverage Core protocol ~2 main contracts (MToken.sol ~600 lines, MinterGateway.sol ~1,400 lines) plus abstracts and libraries. Eight firms over Jan-Apr 2024 with three Tier-1 firms provides sufficient audit density. Prototech Labs invariant suite provides additional assurance. Audit volume and quality relative to code complexity is strong.
Governance & admin Green 19 24 of 24
RD-F-026 yellow Upgrade multisig signer configuration (M/N) No traditional M/N multisig controls upgrade paths. Core protocol is immutable. Periphery proxy admin is a single deployer EOA (effective 1/1). TTG governance uses epoch-based POWER/ZERO token holders — no fixed signer set. safe_addresses: [] confirmed in config.
RD-F-032 yellow Timelock duration on upgrades No OZ TimelockController. TTG epoch provides ~30-day minimum delay for standard proposals (Transfer + Voting epoch). EmergencyGovernor uses threshold voting — potentially < 24h if threshold POWER percentage is met. Periphery proxy upgrades have zero delay (deployer EOA direct).
RD-F-033 yellow Timelock on sensitive actions Core protocol sensitive actions (Minter list, Validator list, rate parameters via setKey/addToList) route through StandardGovernor or EmergencyGovernor with TTG delays. No timelock on periphery proxy upgrades — deployer EOA direct. Split coverage: core timelocked via TTG; periphery upgrades not timelocked.
RD-F-034 yellow Guardian/pause-keeper distinct from upgrader No pause mechanism on core contracts (MToken, MinterGateway are immutable, no pause function found). HubPortal and Portal Lite have whenNotPaused modifier; pauser role exists but is not confirmed as distinct from owner/upgrader — both appear to be deployer EOA. No confirmed Guardian multisig identified.
RD-F-035 yellow Role separation: upgrade ≠ fee ≠ oracle Core protocol has no fee, oracle, or upgrade roles — all governed by TTG. Periphery proxy admin (upgrade role) is the same deployer EOA that controls setSupportedBridgingPath() and other admin functions. Role separation N/A for core but absent for periphery.
RD-F-038 yellow Proposal execution delay < 24h StandardGovernor proposals: ~30-day minimum delay (Transfer + Voting epoch). EmergencyGovernor: threshold-vote, executable when threshold is reached — potentially < 24h in a governance emergency. ZeroGovernor: similar threshold-based structure. Emergency path may be < 24h for threshold proposals.
RD-F-040 yellow Emergency-veto multisig present No traditional veto multisig. ZeroGovernor can Reset the governance system (redistribute POWER to ZERO holders), functioning as an ultimate override. EmergencyGovernor provides faster-than-standard governance path. No explicit cancel() role found on governors.
RD-F-041 yellow Rescue/emergencyWithdraw without timelock Core contracts (MToken, MinterGateway, Registrar, governors, DistributionVault) have no rescue/emergencyWithdraw functions. DistributionVault only has epoch-based claim()/distribute(). Periphery proxies: deployer EOA (proxy admin) can upgrade HubPortal, Portal Lite, SwapFacility to any implementation without timelock — effectively a rescue-equivalent risk via malicious upgrade.
RD-F-043 yellow Admin = deployer EOA after 7 days Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb (labeled M0: Deployer) is currently proxy admin/owner of SwapFacility, HubPortal, and Portal Lite. Protocol launched 2024-05-07 — well beyond 7-day window. Deployer EOA still active (last tx 2026-05-12, setSupportedBridgingPath on HubPortal). Core contracts are immutable with no admin — deployer EOA risk limited to periphery only.
RD-F-047 yellow Governance token concentration (Gini) ZeroToken (0x988567...): 150 holders, max supply ~1.09B (6 decimals). Small holder count indicates high concentration among a small set of governors. POWER token has open buy/auction mechanism. Gini cannot be computed without full holder distribution download, but 150 ZERO holders is consistent with high Gini (>0.8 likely).
RD-F-028 n/a Low-threshold multisig vs TVL No multisig exists in the core governance topology. TTG epoch-based on-chain governance (not a Gnosis Safe) replaces the admin multisig norm for RWA issuers. PD-042 RWA factor-flip: DAO-style multisig norms are structurally replaced by the TTG. safe_addresses: [] confirmed.
RD-F-029 n/a Multisig signers co-hosted No multisig exists; factor measures co-hosted signers which is N/A by construction.
RD-F-030 n/a Hot-wallet signer flag No multisig exists; factor measures hot-wallet signers which is N/A by construction.
RD-F-031 n/a Signer rotation recency No multisig signer set to rotate. Deployer EOA has been consistent since deploy (May 2024). Factor measures signer rotation recency which is N/A without a multisig. PD-042 applies.
RD-F-044 gray Admin wallet interacts with flagged addresses Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb labeled M0: Deployer. Etherscan shows Delegated to: MetaMask: EIP-7702 Delegator. No mixer or OFAC interaction found in public data review. Full dev-identity screening required for authoritative assessment. [gap: Dev-identity-analyst should perform full screening of deployer EOA and team wallet interactions; no flagged interaction visible from public data but cannot confirm clean without complete trace.]
RD-F-045 gray Constructor args match governance proposal All core contracts deployed May 2024 from coordinated TTG deployment. No governance proposal pre-approved constructor args (bootstrap deploy). Cannot verify arg match without specific proposal text. Periphery contracts (SwapFacility, Portal Lite) deployed later — no governance proposal found matching constructor args. governance.m0.org appears JS-rendered and was not accessible for historical proposal search. [gap: No accessible historical governance proposal text found pre-approving constructor args; governance forum JS-rendered making programmatic search infeasible within assessment time budget.]
RD-F-025 green Admin key custody type All core contracts (MToken, MinterGateway, TTG Registrar, governors, DistributionVault) are immutable or self-governed via TTG — no admin key. Upgradeable periphery contracts (SwapFacility, HubPortal, Portal Lite, WrappedM) have deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb as proxy admin/owner. Categorical split: core=immutable/TTG-DAO; periphery=EOA.
RD-F-027 green Single admin EOA No EOA admin exists on any core contract. MToken minting gated to MinterGateway; Registrar writes require StandardGovernor or EmergencyGovernor. Deployer EOA retains privileged role on upgradeable periphery proxies only — core $325M TVS-bearing contracts have no EOA admin.
RD-F-036 green Flash-loanable voting weight Both POWER and ZERO tokens use epoch-based snapshots for vote weight. Voting power is determined by balance at end of epoch preceding voting epoch (pastBalanceOf/pastVotes). Flash loans cannot manipulate same-epoch vote weight by construction. Confirmed from IEpochBasedInflationaryVoteToken interface and POWER/ZERO token source.
RD-F-037 green Quorum achievable via single-entity flash loan Epoch-snapshotted voting means flash loans cannot achieve quorum. ZeroToken (150 holders, ~1.09B max supply, 6 decimals) and POWER token both use past-epoch snapshots. Same-block quorum manipulation structurally impossible.
RD-F-039 green delegatecall/call in proposal execution without allowlist All three governors (StandardGovernor, EmergencyGovernor, ZeroGovernor) enforce strict allowlists. Each governor's execute() calls only itself (no external target). _revertIfInvalidCalldata() rejects any selector not in a hardcoded list of 5 permitted functions. No delegatecall or user-supplied external target is possible.
RD-F-042 green Admin has mint() with unlimited max MToken mint() is restricted exclusively to MinterGateway via onlyMinterGateway modifier (NotMinterGateway revert). Minting is collateral-backed through TTG-permissioned Minters. Supply bounded by uint240 and uint112 overflow guards. No unlimited admin-callable mint path exists.
RD-F-046 green Contract unverified on Etherscan/Sourcify All core contracts verified on Etherscan at Solidity v0.8.23: PowerToken, ZeroToken, StandardGovernor, EmergencyGovernor, ZeroGovernor, TTG Registrar, MToken, MinterGateway, DistributionVault all verified. WrappedM proxy + impl verified. HubPortal proxy + impl verified. Portal Lite proxy + impl verified. SwapFacility proxy verified. No unverified core contract at launch.
RD-F-167 green Deprecated contract paused but pause reversible by live admin No deprecated contracts identified for M^0. Protocol launched May 2024 and has no announced deprecated surfaces. HubPortal / Portal Lite are the newest additions (2025), not deprecated. Profile §3 lists no deprecated contracts.
Oracle & external dependencies Green 19 17 of 17
RD-F-051 yellow Fallback behavior on oracle failure No external oracle in core $M minting path so classical oracle-fallback question does not apply to primary rate mechanism. If MinterRateModel reverts, MinterGateway's staticcall-based _rate() causes calling functions to revert — no use-last-known-rate fallback. For off-chain collateral: Validator attestation stoppage halts new minting but existing $M remains valid. TTG governance can replace a broken rate model but 15-day epoch cycle creates a bounded replacement delay.
RD-F-052 yellow Breakage analysis per dependency HubPortal compromise = unbacked $M minting risk on spoke chains with no rate-limiter (NttManagerNoRateLimiting design); Registrar failure = protocol parameter reads fail; rate model revert = minting transactions revert (no silent bad-price risk); collateral Validator failure = new minting halts; SwapFacility failure = periphery only, core unaffected. The no-rate-limiter design is the primary residual risk.
RD-F-057 yellow Circuit breaker on price deviation MinterRateModel enforces a hard cap of 40,000 bps (400%) on the minter rate — functions as a maximum-rate guard but is not a price-deviation circuit breaker. TTG governance can replace the rate model if problematic but 15-day epoch cycle creates bounded delay. No staleness-based circuit breaker applicable to governance-parameterized model.
RD-F-062 yellow External keeper/relayer not redundant Core protocol does not use Gelato or Chainlink Automation keepers. WormholeTransceiver relies on Wormhole Standard Relayer (0x27428dd2d3dd32a4d7f7c497eaaa23130d894911) for cross-chain message delivery — a distributed relay network but with a default relayer dependency. If Wormhole relayers fail, cross-chain transfers stall (manual relay possible). Wormhole guardian set (19 nodes) is the validator dependency for VAA attestation.
RD-F-180 yellow Immutable oracle address CRITICAL-CANDIDATE per T-12 PD-017 — flagged for orchestrator T-14 tracking. EarnerRateModel and MinterRateModel addresses are NOT hardcoded as immutable in MinterGateway; they are read dynamically from the TTG Registrar via TTGRegistrarReader.getMinterRateModel() and getEarnerRateModel(). The TTG Registrar is governance-writable via TTG proposals, so rate models are replaceable without a full protocol upgrade. YELLOW (not RED) because replacement mechanism exists and is enforced on-chain. Residual concern: TTG 15-day epoch cycle means up to 15+ days before a broken rate model can be replaced. The M^0 rate model replacement path is materially different from the immutable oracle address pattern (USR/USDX/xUSD/USD0++) that drove F180 star promotion — may warrant GREEN reassessment at T-14.
RD-F-054 n/a TWAP window duration M^0 uses no TWAP oracle anywhere in the core protocol. Rate model is a deterministic governance formula, not a DEX-derived TWAP. Factor does not apply.
RD-F-055 n/a Oracle pool depth (USD) No DEX pool oracle used. Factor not applicable to M^0's governance-parameterized rate model architecture.
RD-F-056 n/a Single-pool oracle (no medianization) No DEX pool oracle used. Single-pool vs medianization question is not applicable to M^0's rate model design.
RD-F-058 n/a Max-deviation threshold (bps) No price-deviation threshold configured. The 40,000 bps is a rate cap, not a deviation threshold. Factor is not applicable to governance-parameterized rate model.
RD-F-059 n/a Oracle staleness check present No timestamped oracle feed used. No updatedAt staleness check is needed or applicable. Rate model is updated on-chain only when TTG governance executes a proposal to change the rate parameter.
RD-F-060 n/a Chainlink aggregator min/max bound misconfig No Chainlink aggregator used. Factor not applicable to M^0.
RD-F-061 n/a LP token balanceOf used for pricing No LP token pricing used anywhere in the M^0 core protocol. Factor not applicable.
RD-F-181 n/a Permissionless-pool lending oracle M^0 is not a lending market with permissionless asset listing. $M is a permissioned-Minter stablecoin; there is no mechanism for users to permissionlessly create oracle-backed lending pools. The Rhea Finance failure-mode (permissionless pool with fake token spot price) is structurally inapplicable. Protocol type: RWA stablecoin issuance.
RD-F-048 green Oracle providers used M^0 uses no external price oracle (Chainlink, Pyth, RedStone, Uniswap TWAP). MinterRateModel reads _BASE_MINTER_RATE governance parameter from TTG Registrar; EarnerRateModel reads minterRate() and totalEarningSupply() from internal protocol contracts. Collateral attestation is off-chain by permissioned Validators via MinterGateway, not an on-chain price feed. The 19 Chainlink feed addresses in the data cache are confirmed Compound v3 scrape artifacts not present in any M^0 contract source.
RD-F-049 green Oracle role per asset TTG-governed on-chain rate model serves as Primary for earner yield calculation. No secondary or fallback oracle exists or is needed — rate model is a deterministic governance-parameterized formula. Off-chain Validator attestation handles collateral with no oracle role classification needed.
RD-F-050 green Dependency graph (protocols depended upon) Primary dependencies mapped: (1) TTG Registrar (immutable on-chain) — parameter source; (2) MinterRateModel + EarnerRateModel (governance-replaceable via Registrar); (3) Wormhole NTT / HubPortal — cross-chain transport; (4) Hyperlane / Portal Lite — secondary cross-chain; (5) WormholeTransceiver + Wormhole Core Bridge — message relay; (6) SwapFacility + UniswapV3Adapter — periphery only, not in core minting path. No Aave, Compound, Uniswap, or other DeFi protocol in the core $M issuance path.
RD-F-053 green Oracle source = spot DEX pool (no TWAP) No spot DEX oracle exists in any M^0 value path. MinterGateway reads rate from an on-chain governance-parameterized rate model, not a DEX pool. Confirmed by full source inspection of MinterGateway.sol, EarnerRateModel.sol, MinterRateModel.sol — no Chainlink latestAnswer/latestRoundData calls, no Uniswap TWAP reads, no spot price reads. The 19 Chainlink feed addresses in the data cache are confirmed Compound v3 artifacts not appearing in any M^0 contract source.
Economic risk Yellow 22 13 of 13
RD-F-064 yellow TVL concentration (top-10 wallet share) Minting is permissioned: only TTG-approved institutional Minters can create $M. The Minter set is small by design — M0 Research collateral structure documentation identifies one primary approved structure (CrossLend GmbH SPV with DEKA Bank custodian) and a proposed second (Superstate USTB). Minter-level concentration is inherent to the permissioned architecture and is likely 3–8 active Minters at most. Exact top-10 holder % for $M token holders is unavailable from free-tier sources (Etherscan token holder tab is JS-rendered). Yellow assigned for structural concentration at the Minting layer, partially mitigated by governance controls on Minter admission.
RD-F-069 yellow Algorithmic / under-collateralized stablecoin $M is over-collateralized against off-chain T-bills — NOT algorithmic. Peg maintained by Minter arbitrage: if $M < $1, Minters buy on secondary market and redeem collateral; if $M > $1, Minters post collateral and mint more. No algorithmic stabilization mechanism. MINT_RATIO governance parameter (100%–650%) governs max $M per Minter. Undercollateralization triggers onchain penalty accrual. EarnerRateModel sustainability confirmed: earner yield adjusts downward when earner demand exceeds minter-rate inflows, preventing yield insolvency. RISKS warranting yellow: (1) off-chain collateral opacity — T-bills held in Luxembourg SPV (CrossLend GmbH / DEKA Bank); transparency depends on off-chain custodian and SPV auditors, not on-chain verification alone; (2) single-structure dependency — only one fully documented approved collateral structure; Superstate USTB proposed as second but not confirmed approved at assessment date; (3) Minter solvency dependence — if a large Minter defaults on T-bill
RD-F-065 gray Liquidity depth per major asset Secondary $M liquidity depth at 2%/5% price impact is not quantifiable from available free-tier sources. DefiLlama pool-specific data requires HTML rendering (403); Dune Analytics is JS-rendered (403). SwapFacility contract (0xB6807116b3B1B321a390594e31ECD6e0076f6278) and UniswapV3Adapter (0x023bd2F0A95373C55FC8D1c5F8e60cC3B9Bc4f4b) are documented in the protocol addresses, indicating $M has DEX integrations. Peg is primarily maintained by Minter arbitrage incentives rather than AMM depth. No documented depeg events found. Liquidity depth requires a paid subgraph or Dune query to quantify; data gap accepted rather than fabricated.
RD-F-066 n/a Utilization rate (lending protocols) M^0 is not a lending protocol. No borrow book exists. Data cache confirms borrow.present=false. PD-024 taxonomy adjudication: utilization rate is lending-only and not applicable to stablecoin issuance infrastructure.
RD-F-067 n/a Historical bad-debt events M^0 has no lending book; bad debt events are a lending-market concept. PD-024: not applicable for non-lending protocols. No incidents in cache or Rekt database.
RD-F-068 n/a Collateralization under stress No on-chain LTV/collateralization ratio stress simulation applicable. M^0 uses off-chain T-bill collateral with Validator multi-sig attestation. If a Minter fails to update collateral within UPDATE_COLLATERAL_INTERVAL, their effective on-chain collateral is treated as zero (penalty mechanism). This is a different risk model from an on-chain lending collateralization ratio. PD-024: not applicable for non-lending protocols.
RD-F-070 n/a Empty cToken-style market (zero supply/borrow) M^0 is an original, non-Compound-fork protocol with no cToken markets, no borrow book, and no share-based vault accounting. The donation/empty-market exploit pattern requires Compound V2 fork architecture (cToken totalSupply==0 + totalBorrow==0 at market initialization). Neither the MinterGateway (0xf7f9638cb444D65e5A40bF5ff98ebE4ff319F04E) nor the MToken (0x866A2BF4E572CbcF37D5071A7a58503Bfb36be1b) implement cToken accounting. Taxonomy explicitly states: RD-F-070 is 'N/A for non-Compound-fork protocols.' ★ critical factor — not_applicable does not count as a critical red.
RD-F-071 n/a Seed-deposit requirement for new market listing No cToken/lending market listing mechanism exists. Minter onboarding is governed by TTG governance (POWER-token proposals); it is an access-control admission process, not a capital seed-deposit market-listing gate. PD-024: not applicable for non-lending protocols.
RD-F-072 n/a Market-listing governance threshold No cToken/lending market listing in scope. PD-024: not applicable for non-lending protocols.
RD-F-073 n/a Oracle-manipulation-proof borrow cap No borrow caps exist. M^0 uses Validator-attested off-chain collateral with on-chain MINT_RATIO governance parameter — not Chainlink-price-oracle-based borrow caps. The 19 Chainlink feeds in the data cache are confirmed artifacts from another protocol (profile §7 ANOMALY note). PD-024: not applicable for non-lending protocols.
RD-F-074 n/a ERC-4626 virtual-share offset (OZ ≥4.9) WrappedM (0x437cc33344a0B27A429f795ff6B469C72698B291) is NOT an ERC-4626 vault. GitHub source confirms it implements custom ERC20Extended with principal-based rebasing indexing (principalOfTotalEarningSupply, totalNonEarningSupply, totalEarningSupply) and uses IndexingMath for yield accrual. No deposit/mint/withdraw/redeem/convertToShares/convertToAssets ERC-4626 interface present. The OZ virtual-share offset (RD-F-074) is designed for ERC-4626 vaults specifically and is not applicable here. MToken itself is a non-rebasing-compatible ERC-20 with continuous index; also not ERC-4626. PD-024: not applicable for non-lending/non-ERC-4626 protocols.
RD-F-075 n/a First-depositor / share-inflation guard First-depositor share-inflation attacks require share-based vault accounting (share price = totalAssets / totalSupply) where a donation can inflate the share price before other depositors enter. WrappedM uses principal-based indexing (not shares), so this vector does not apply. MinterGateway similarly uses a continuous global index model, not share-based accounting. No vault with share-price arithmetic exists in M^0's core architecture. PD-024: not applicable.
RD-F-063 green TVL (current + 30d trend) TVL $325,509,708 as of 2026-05-16T09:04:26Z (DefiLlama API). 30-day change +8.74% (stabilizing after prior decline). 90-day CoV 0.266 (mean $273M, std $72.8M). 12-month peak $956.6M (~2025-04-19). 100% Ethereum. TVL composition is 100% stablecoin/RWA-backed ($M backed by off-chain T-bills). No volatile-asset concentration. Trend is currently positive (+8.74% 30d) after a prior descending phase from $554M to $325M over the broader 90-day window.
Operational history Green 12 15 of 15
RD-F-089 red Insurance coverage active No active proportionate insurance coverage found for M^0 core Ethereum protocol ($325.5M TVS). The only Immunefi program associated with M^0 infrastructure is the KAST program (https://immunefi.com/bug-bounty/KAST/scope/) which covers only 2 Solana extension contracts (USDK Extension Program, USDKY Extension Program) with a $50,000 max payout — less than 0.02% of the $325M Ethereum TVS. This KAST program does not cover $M ERC-20 (0x866A), MinterGateway (0xf7f9), TTG governors, or the Registrar. Nexus Mutual, Unslashed, and Sherlock searches found no M^0 coverage. Data cache bug_bounty.platform = null for the M^0 slug. Structural insurance gap for a $325M RWA stablecoin.
RD-F-084 yellow TVL stability (CoV over 90d) TVL stability CoV (trailing 90 days) = 0.266. Data cache field tvl_cov_90d.cov = 0.266358; mean = $273.2M; std = $72.8M; sample_count = 90; window 2026-02-11 to 2026-05-16. Threshold: green < 0.15; yellow 0.15-0.35; red > 0.35. CoV 0.266 is in yellow band. Context: the volatility reflects a genuine downtrend from ~$554M to $325M (Minter collateral redemptions) rather than distress or random noise. Not a panic-outflow pattern.
RD-F-081 gray Post-exploit response score Post-exploit response score cannot be assessed: no incidents have occurred. Factor definition requires an incident with a post-mortem to score curator-assessed 1-5 on compensation, transparency, root-cause-depth, operational recovery. Gray by structural absence of incidents.
RD-F-082 gray Post-mortem published within 30 days Post-mortem published within 30 days: cannot assess — no incidents have occurred. Factor requires an incident to have a post-mortem to evaluate. Gray by structural absence of incidents.
RD-F-083 gray Auditor re-engaged after last exploit Auditor re-engaged after last exploit: cannot assess — no incidents have occurred. Factor requires a post-exploit re-audit engagement to evaluate. Gray by structural absence of incidents.
RD-F-085 gray Incident response time (minutes) Incident response time (minutes from exploit to first statement): cannot assess — no incidents have occurred. Factor requires a specific incident timestamp to measure. Gray by structural absence of incidents.
RD-F-076 green Protocol age (days) M^0 mainnet launched 2024-05-07 (Ethereum, block 19,818,431, StandardGovernor creation confirmed on Etherscan). Assessment date 2026-05-16. Protocol age = 739 days (~24.6 months). Exceeds 12-month A-grade-eligibility threshold by a wide margin. All core contracts (MToken, MinterGateway, TTG governors) deployed on same date.
RD-F-077 green Prior exploit count Zero incidents found across all searched sources: proprietary hacksdatabase grep (regex m[\s\-]?zero|m\^0|m0\s+protocol — zero hits after false-positive filtering); data cache sources.rekt.incidents = []; rekt.news search (no M^0 article); web search for M0 protocol exploit/hack 2024-2026 (no protocol-specific incidents). Exploit count = 0.
RD-F-078 green Chronic-exploit flag (≥3 incidents) Chronic flag = false. Zero incidents found (see F077). Protocol does not have 3 or more incidents. Boolean output: false.
RD-F-079 green Same-root-cause repeat exploit Same-root-cause repeat = false. Zero incidents found (see F077). Cannot have a repeat exploit without at least one prior exploit. Boolean output: false.
RD-F-080 green Days since last exploit Days since last exploit = N/A (no exploit history). Zero incidents means this factor's continuous numeric value is undefined; display as N/A. Green by default for no-exploit protocols per methodology.
RD-F-086 green Pause activations (trailing 12 months) Pause activation history = 0 in the trailing 12 months. M^0 core contracts (MToken at 0x866A, MinterGateway at 0xf7f9) are EVM-immutable non-proxy contracts with no pause function by design. The EmergencyGovernor can expedite Registrar parameter changes (e.g., removing a Minter from the approved list), but that is a governance parameter change, not a protocol pause activation. No pause events observed in operational history.
RD-F-087 green Pause > 7 consecutive days Protocol paused >7 consecutive days in last year = false. No pause activations identified (see F086). Core contracts are EVM-immutable with no pause function; EmergencyGovernor governance is parameter-update only. Boolean output: false.
RD-F-088 green Re-deployed to new addresses in last year Protocol redeployed to new address set in last 12 months = false. M^0 did not retire any core contract addresses. Extensions were added (Portal Lite 2025-05-21; SwapFacility last upgraded 2026-02-24 via implementation upgrade at same proxy address) but these are additive, not redeployments retiring prior addresses. The SwapFacility proxy address 0xB6807116b3B1B321a390594e31ECD6e0076f6278 remains the same — only the implementation was upgraded. Core contracts (MToken, MinterGateway, TTG governors) all retain their 2024-05-07 addresses.
RD-F-166 green Deprecated contracts still holding value No officially-deprecated contracts found holding material value (>$100K). M^0 protocol launched May 2024 and has added extensions (WrappedM Aug 2024, HubPortal Feb 2025, Portal Lite May 2025, SwapFacility Aug 2025) without retiring any prior contracts. No deprecation announcements found in docs.m0.org or research.m0.org governance forum. All contracts listed in profile §3 are active. The docs addresses page shows no deprecated-flag annotations. No v1-to-v2 migration event has occurred.
Real-time signals Green 6 22 of 22
RD-F-102 yellow Admin/upgrade transaction in mempool Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb is the proxy admin of HubPortal (0xD925C84b...), Portal Lite (0x36f586A3...), SwapFacility (0xB6807116...), and WrappedM (0x437cc333...). These are upgradeable proxies with no timelock on proxy-admin control, so any upgradeTo()/upgradeToAndCall() call from this EOA would immediately satisfy the signal criteria. The deployer EOA was active on 2026-05-12 (bridge management). No admin/upgrade tx currently observed in the mempool (a static assessment cannot confirm this in real time; T-09 phase-2 infrastructure required). Yellow because the structural absence of a timelock on bridge proxy upgrades creates persistent fire-risk: the signal would fire only at the moment of an unexpected upgrade, with no advance governance notice.
RD-F-106 yellow Cross-chain bridge unverified mint pattern Directly applicable: HubPortal (Wormhole NTT) and Portal Lite (Hyperlane) are active bridge contracts. The HubPortal uses NttManagerNoRateLimiting, so no per-window outflow cap exists. A mint-without-proof scenario on a SpokePortal (if the Wormhole guardian set were compromised or message verification bypassed) could result in unbacked $M minting. No cross-chain mint-without-proof event currently observed. Yellow because the NttManagerNoRateLimiting design amplifies the impact of any future bridge bypass: there is no rate-limiter to contain it. T-09 phase-2 signal tier.
RD-F-182 yellow Security-Council threshold reduction (RT) F182 (Security-Council threshold reduction event, Cat 6B batch-24): EmergencyGovernor (0x886d405949F709bC3f4451491bDd07ff51Cdf90A) is the TTG expedited governance pathway. No EmergencyGovernor threshold reduction event observed as of 2026-05-16. TTG epoch structure is stable. However, the deployer EOA (0xf2f1acbe0ba726fee8d75f3e32900526874740bb) retains proxy admin rights over the bridge contracts (HubPortal, Portal Lite, SwapFacility) without any timelock, which is functionally analogous to a 1/1 unilateral admin key on the bridge surface. While not a formal SC threshold reduction event (the TTG itself has not had its threshold reduced), the bridge proxy-admin posture creates a structurally equivalent risk: a single EOA can upgrade bridge contracts instantly without on-chain governance approval. Yellow: applicable signal, no current event firing, but the structural posture creates elevated fire-readiness.
RD-F-092 gray Unusual mempool pattern from deployer wallet Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb is active (last activity 2026-05-12 per Etherscan; bridge management functions including 'Set Supported Bridge'). A static assessment cannot observe real-time mempool patterns or establish a behavioral baseline for the deployer wallet. Production mempool listener required (T-09 phase-2 infrastructure). No anomalous pattern identified in static review, but confirmation requires live monitoring.
RD-F-093 n/a Abnormal gas-price willingness from attacker wallet Signal fires on attacker wallets paying >= 5x median gas to race MEV. No attacker wallet identified for M^0 (no prior exploit, no known threat-actor wallet targeting this protocol). Cannot assess without a designated attacker wallet to monitor.
RD-F-095 n/a Known-exploit function-selector replay Signal fires when a call pattern matches a known-exploit replay template. M^0 has no prior exploit from which a replay template could be derived, and no known-exploit template for the TTG governance or MinterGateway architecture exists. Not applicable by construction.
RD-F-096 gray New ERC-20 approval to unverified contract from whale Applicable: $M token holders (high-TVL Minters) could grant approvals to unverified contracts. Requires continuous on-chain approval monitoring of the top $M holders, not implementable in a static dry-run. T-09 phase-2 signal tier. No known incidents of this pattern targeting M^0. Production assessment requires live ERC-20 Approval event monitoring.
RD-F-099 n/a Oracle price deviation >X% from secondary M^0 core does not use live Chainlink price feeds for collateral valuation or stablecoin pegging. The earner-rate index is set by TTG governance parameters, not by an on-chain price oracle, and MinterGateway relies on validator-signed off-chain attestations for collateral, not Chainlink spot feeds. The 19 Chainlink feed addresses in the data cache are confirmed false-positive artifacts (cross-attributed from another protocol per profile Section 7). The oracle price deviation signal is not applicable to this protocol's architecture. T-09 phase-2 signal tier.
RD-F-107 n/a Admin EOA signing from new geography/device Requires off-chain signing telemetry (MPC provider session logs, device fingerprint data from hardware wallet providers). No public data source is available for admin EOA signing geography. Cannot assess without access to MPC/HSM provider telemetry; this would require Fireblocks custody data (the M^0 Foundation employs Fireblocks for Minter custody per CoinDesk, August 2024), which is not publicly accessible.
RD-F-090 green Mixer withdrawal → protocol interaction No mixer-funded wallet interaction with M^0 protocol contracts found. Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb was funded via 0xA08171D289c6de357a800cf839dab7cce752de2c, itself funded by Coinbase 3 — a clean 2-hop CEX path. No Tornado Cash or Railgun interaction in deployer funding chain. T-09 phase-2 signal tier; production signal requires live wallet clustering feed.
RD-F-091 green Partial-drain test transactions TVL 90-day data shows smooth upward growth trajectory from ~$243M (early May 2026) to $325.5M (2026-05-16). No step-down test-drain patterns (sub-$10M sudden drops consistent with pre-strike partial drains). 1d change -0.05%, 30d change +8.74%. No prior incidents in history to establish a pre-attack pattern baseline.
RD-F-094 green New contract with similar bytecode to exploit template No known exploit-template targeting M^0 protocol architecture exists. Protocol uses novel TTG (Two-Token Governance) and MinterGateway design with no prior exploit from which a template could be derived. No freshly-deployed contracts with high bytecode similarity to M^0 targeting pattern identified in available public sources.
RD-F-097 green Sybil surge of identical-pattern transactions Core MinterGateway is permissioned (Minters and Validators are KYC'd institutional counterparties added via TTG governance). This structural design significantly reduces sybil surface on core protocol. Bridge portals (HubPortal, Portal Lite) accept transactions from any EVM address but no sybil-surge pattern observed in available TVL/transaction data. T-09 phase-2 signal tier.
RD-F-098 green TVL anomaly — % drop in <1h TVL $325.5M as of 2026-05-16. 1d change -0.05%, 30d change +8.74%. 30-day baseline median approximately $290-300M. Current ratio TVL_now/TVL_baseline_30d = 325.5/~290 = 1.12 — far above the 0.70 fire threshold. No TVL anomaly. No sector-correlated drain event.
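The three TVL-series checks used above (the CoV band of RD-F-084, the step-down test-drain pattern of RD-F-091, and the 30-day baseline ratio of RD-F-098) are simple enough to reproduce end to end. The block below is an added example, not defirisk.co's tooling; the thresholds are the ones stated on this page, while the TVL series itself is constructed (a smooth ramp with small alternating noise), not M^0's real history. It also adds a detrended CoV, which is the check an analyst would run to confirm the claim that a yellow CoV comes from a trend rather than from noise.

```python
"""TVL time-series checks modelled on RD-F-084 (CoV band), RD-F-091 (step-drop
detection) and RD-F-098 (30-day baseline ratio). Added illustrative code, not
defirisk.co tooling; thresholds are the ones stated on the page. The series is
CONSTRUCTED (a linear ramp with small alternating noise), not M^0's real history."""
from statistics import mean, median, pstdev

GREEN_MAX, YELLOW_MAX = 0.15, 0.35   # RD-F-084 bands
FIRE_RATIO = 0.70                     # RD-F-098: fires when TVL_now / baseline < 0.70
TEST_DRAIN_USD_M = 10.0               # RD-F-091: sudden drops above this bar are the pattern of interest


def build_series(days=90, start=180.0, end=325.0, noise=3.0):
    """Constructed daily TVL in $M: smooth ramp from `start` to `end` with +/- `noise`."""
    step = (end - start) / (days - 1)
    return [start + step * i + (noise if i % 2 == 0 else -noise) for i in range(days)]


def cov(series):
    """Coefficient of variation = population std / mean over the window."""
    m = mean(series)
    return pstdev(series) / m if m else float("inf")


def cov_band(c):
    return "green" if c < GREEN_MAX else ("yellow" if c <= YELLOW_MAX else "red")


def detrended_cov(series):
    """CoV of the residuals from a least-squares line. A smooth drift (growth or
    redemptions) inflates the raw CoV even when day-to-day behaviour is calm;
    comparing raw and detrended CoV separates trend from genuine volatility."""
    n = len(series)
    xm, ym = (n - 1) / 2, mean(series)
    sxx = sum((x - xm) ** 2 for x in range(n))
    slope = sum((x - xm) * (y - ym) for x, y in enumerate(series)) / sxx
    resid = [y - (ym + slope * (x - xm)) for x, y in enumerate(series)]
    return pstdev(resid) / ym if ym else float("inf")


def baseline_ratio(series, baseline_days=30):
    """TVL_now divided by the median of the preceding `baseline_days` days."""
    now, history = series[-1], series[-1 - baseline_days:-1]
    return now / median(history)


def tvl_anomaly_fires(series):
    return baseline_ratio(series) < FIRE_RATIO


def step_drops(series, min_drop=TEST_DRAIN_USD_M):
    """Indices at which TVL fell by more than `min_drop` in one step (candidate
    pre-strike partial drains); day-to-day noise below the bar is ignored."""
    return [i for i in range(1, len(series)) if series[i - 1] - series[i] > min_drop]


SERIES = build_series()
# Copy with a constructed 30M step down on day 80, to show what a test drain looks like.
DRAINED = SERIES[:80] + [v - 30.0 for v in SERIES[80:]]

if __name__ == "__main__":
    c = cov(SERIES)
    print(f"raw CoV {c:.3f} -> {cov_band(c)}; detrended CoV {detrended_cov(SERIES):.3f}")
    print(f"baseline ratio {baseline_ratio(SERIES):.2f}, fires: {tvl_anomaly_fires(SERIES)}")
    print("step drops:", step_drops(SERIES), "| drained:", step_drops(DRAINED))
```

On the constructed ramp the raw CoV lands in the yellow band while the detrended CoV is well inside green, which is exactly the "trend, not distress" reading; a series oscillating around a flat mean would show the two values close together.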
RD-F-100 green Flash loan >$10M targeting protocol tokens POWER token uses checkpoint-based balance (getPriorVotes / getVotes pattern per TTG design), not spot balanceOf — this provides structural resistance to flash-loan governance attacks on StandardGovernor and EmergencyGovernor. EmergencyGovernor requires threshold percentage of total POWER supply, not achievable via flash loan alone without controlling actual minted supply. No flash-loan-targeting event observed for M^0 contracts. No prior incidents. T-09 phase-2 signal tier.
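The reason a checkpointed balance (the getPriorVotes / getVotes pattern cited in RD-F-100) blunts a flash-loan governance attack is easiest to see side by side with the vulnerable spot-balance pattern. The block below is an added toy simulation, not M^0's POWER token or TTG governor code: the token models, the snapshot rule (voting power read at proposal block minus one) and the threshold helper are constructed assumptions chosen to match the behaviour the factor describes.

```python
"""Why checkpointed voting power resists flash-loan governance attacks while
reading balanceOf at vote time does not. Added illustrative simulation, not
M^0's TTG or POWER token code; the token and governor rules are toy models."""
from bisect import bisect_right


class SpotVotes:
    """Vulnerable pattern: voting power is whatever the voter holds right now."""
    def __init__(self, balances):
        self.bal = dict(balances)

    def transfer(self, src, dst, amount, block):
        self.bal[src] -= amount
        self.bal[dst] = self.bal.get(dst, 0) + amount

    def votes(self, who, block):
        return self.bal.get(who, 0)          # ignores the requested block entirely


class CheckpointVotes:
    """Hardened pattern: every balance change records (block, balance); a query
    for block B returns the balance as of the END of block B. A same-block
    update overwrites the checkpoint, so a borrow-and-repay inside one
    transaction leaves no trace in the record of any block."""
    def __init__(self, balances, genesis_block=0):
        self.cps = {who: [(genesis_block, bal)] for who, bal in balances.items()}

    def _write(self, who, block, new_balance):
        history = self.cps.setdefault(who, [])
        if history and history[-1][0] == block:
            history[-1] = (block, new_balance)
        else:
            history.append((block, new_balance))

    def transfer(self, src, dst, amount, block):
        self._write(src, block, self.votes(src, block) - amount)
        self._write(dst, block, self.votes(dst, block) + amount)

    def votes(self, who, block):
        history = self.cps.get(who, [])
        i = bisect_right([b for b, _ in history], block)   # last checkpoint <= block
        return history[i - 1][1] if i else 0


def tally(token, voter, proposal_block):
    """Assumed governor rule: power is measured at snapshot = proposal_block - 1,
    strictly before any vote can be cast. SpotVotes ignores the block argument."""
    return token.votes(voter, proposal_block - 1)


def meets_threshold(votes, total_supply, pct):
    """Threshold expressed as a percentage of total supply (EmergencyGovernor style)."""
    return votes * 100 >= total_supply * pct


def run_attack(token_cls, supply=1000, flash=600):
    """Attacker flash-borrows `flash` tokens in the voting block, votes, and
    repays in the same block. Returns (attacker_votes, honest_holder_votes)."""
    token = token_cls({"pool": flash, "holder": supply - flash, "attacker": 0})
    proposal_block, vote_block = 100, 101
    token.transfer("pool", "attacker", flash, vote_block)      # borrow
    result = (tally(token, "attacker", proposal_block),
              tally(token, "holder", proposal_block))
    token.transfer("attacker", "pool", flash, vote_block)      # repay, same block
    return result


if __name__ == "__main__":
    print("spot       :", run_attack(SpotVotes))        # attacker counts 600 votes
    print("checkpoint :", run_attack(CheckpointVotes))  # attacker counts 0 votes
```

With the spot token the borrowed 600 of 1000 clears a 55% supply threshold inside a single transaction; with checkpoints the attacker's snapshot balance is zero, so only supply actually held before the proposal block counts.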
RD-F-101 green Large governance proposal queued StandardGovernor (0xB024aC5a7c6bC92fbACc8C3387E628a07e1Da016) and EmergencyGovernor (0x886d405949F709bC3f4451491bDd07ff51Cdf90A) are on-chain and observable. ProposalCreated events are analyzable for admin-role-change selectors. No malicious-pattern proposal identified in current governance cycle. MAP Group meetings active (October 2025 most recently documented). No EmergencyGovernor activation signals observed. Normal 15-day epoch cadence. TTG proposals visible for stablecoin partner onboarding (MoonPay, Startale) — standard expected content.
RD-F-103 green Bridge signer-set change proposed/executed Wormhole NTT is the primary bridge mechanism via HubPortal. Wormhole guardian set (19 guardians, 13-of-19 threshold) is the effective bridge signer set. No GuardianSetUpgraded event or SignerRemoved/SignerAdded event on Wormhole governance contracts observed as of 2026-05-16. Hyperlane (Portal Lite) validator set also shows no unscheduled changes. Signal fire threshold not met. Wormhole guardian set is stable.
RD-F-104 green Stablecoin depeg >2% on shared-LP venue M^0 does not hold USDT/USDC/DAI as primary collateral reserves. Collateral is off-chain T-bills posted by permissioned Minters; the earner-rate is set by TTG governance. Protocol architecture is structurally isolated from conventional stablecoin depeg cascades. Signal threshold (stablecoin depegs > 2% AND protocol exposure >= 5% of TVL) not met by design. No active stablecoin depeg event as of assessment date.
RD-F-105 green DNS/CDN/frontend hash drift Primary domain m0.org confirmed active and resolving. No DNS/frontend hash drift detected in current assessment window. m0.org is a 2-character domain — unusual brevity limits obvious one-character adjacent typosquats. TLS cert history shows no unexpected issuer changes in available sources. T-09 phase-2 signal tier; production requires external monitoring stack (DNS + TLS cert transparency + JS bundle hash tracking).
RD-F-108 green GitHub force-push to sensitive branch m0-foundation/protocol, m0-foundation/ttg, and m0-foundation/m-portal are confirmed public GitHub repos (ANOMALY U6 false positive in data cache clarified: github_private=true was a GitHub API rate-limit artifact, not a real private-repo finding). No force-push or other sensitive-branch push events on the protocol repos identified in static assessment. T-09 phase-2 signal tier.
RD-F-109 green Social-media impersonation scam spike Official X accounts @m0foundation and @m0 identified. No official Discord or Telegram publicly identified for M^0 (profile Section 9 confirms none found). No active social-media impersonation scam spike observed in available OSINT. Absence of an official community channel reduces the scam-coordinator infiltration surface. T-09 phase-2 signal tier.
RD-F-110 green Unusual pending/executed proposal ratio StandardGovernor operates on 15-day epoch cycles (Transfer + Voting phases). MAP Group governance active through October 2025. No anomalous pending-to-executed proposal ratio observed. Governance appears to operate at normal cadence, with stablecoin partner onboarding proposals (MoonPay, Startale) as expected content. T-09 phase-2 signal tier.
Dev identity & insider risk Green 3 16 of 16
RD-F-123 yellow Sudden admin-rescue/ACL change without discussion YELLOW, split posture. Core TTG contracts (MToken, MinterGateway, Registrar, 3 governors) are immutable; all parameter changes require an on-chain TTG proposal within the 15-day epoch cycle, providing a strong public disclosure trail. Periphery gap: SwapFacility (0xB6807116b3B1B321a390594e31ECD6e0076f6278, TransparentUpgradeableProxy) has proxy admin = Deployer EOA (0xf2f1acbe0ba726fee8d75f3e32900526874740bb). Three upgrades executed: Aug 5 2025 (deploy), Aug 11 2025, Feb 24 2026 (block 24529552). No public governance forum post on research.m0.org or GitHub PR/issue corresponding to the Feb 2026 upgrade was found. The periphery upgrade path is deployer-EOA-unilateral and bypasses the TTG epoch. Yellow (not red) because: (1) the core protocol surface is fully TTG-governed; (2) SwapFacility is a periphery extension, not core MToken/MinterGateway; (3) the audit trail for core changes is strong. Would escalate to red if a core admin ACL change were executed without discussion.
RD-F-116 gray Contributor tenure at admin-permissioned PR GitHub org m0-foundation has only 2 public members visible via API (Khrafts, PierrickGT); most contributors are private org members. The most recent SwapFacility upgrade (2026-02-24) was executed via an on-chain deployer EOA transaction, not a PR-gated process auditable at OSINT tier. Contributor tenure for the most recent admin-permissioned code change cannot be assessed from public data.
RD-F-117 gray ENS/NameStone identity bound to deployer No ENS name detected on the deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb. The 'M0: Deployer' label on Etherscan is a community/team label, not an ENS-bound identity. ENS binding to a verifiable identity was not found for any of the three named founders either. This is a minor, non-critical factor.
RD-F-119 gray Commit timezone consistent with stated geography Commit-hour distribution analysis is not feasible at OSINT tier. GitHub org m0-foundation has only 2 public members; most contributors are private. The team is publicly based in Zug, Switzerland and New York (Di Prisco). No anomalous commit-hour pattern has been surfaced in any published security report. The assessment gap is structural.
RD-F-122 n/a Contributor paid to DPRK-cluster wallet M0 Foundation / M^0 Labs pays contributors off-chain (standard employment). No on-chain payment streams to named contributors identified. Cannot assess 3-hop DPRK proximity for off-chain payroll recipients beyond the deployer EOA. Deployer EOA funding terminates cleanly at Coinbase 3 (see RD-F-124). Per process-learnings.md: 'Cannot be meaningfully assessed at OSINT tier for companies with off-chain payroll.' This is the documented assessment ceiling for this factor type.
RD-F-184 gray Real-capital social-engineering persona Insider-build AI/synthetic developer persona factor. GRAY per process-learnings.md: 'F184 (insider-build AI persona): mark GRAY — by design leaves no public trace.' Drift Protocol comparator: Lazarus-linked developer implanted over 6 months with gradually increasing commit access, culminating in a $285M exploit. M0 mitigants: 9 audit firms covering core + TTG (Jan-Apr 2024), Certora formal verification, 5 post-launch audit engagements; this extensive external code scrutiny limits implant dwell-time risk. The GitHub org has only 2 public members (Khrafts, PierrickGT); no anomalous contributor behavior is detectable at OSINT tier. Absence of evidence is not evidence of absence for this factor class.
RD-F-111 green Team doxx status Three named co-founders — Luca Prosperi (CEO), Gregory Di Prisco (Lead Architect), Oliver Schimek (COO) — all fully doxxed with real names, verifiable multi-year public professional histories (Oliver Wyman, Morgan Stanley, MakerDAO, CrossLend, Axiom Markets), conference presence (Blockworks, Token Summit), and media coverage in Fortune and The Block. M0 Foundation is a registered Swiss Stiftung. Bain Capital Crypto-led $35M Series A (June 2024) further attests to KYC'd team identity. Classification: real-name/doxxed.
RD-F-112 green Team public accountability surface All three founders have high public accountability: Luca Prosperi — 20-year career, Oliver Wyman + Morgan Stanley + MakerDAO background, Blockworks conference speaker, Dirt Roads Substack (24+ posts), multiple press interviews. Gregory Di Prisco — MakerDAO Head of BizDev 2017-2021, Token Summit speaker, Spotify podcast, Twitter @g_dip. Oliver Schimek — LBS MBA, CrossLend CEO, MakerDAO LOVE role, LinkedIn active. Count of verifiable public trails per founder exceeds 3 for all three.
RD-F-113 green Team other-protocol involvement history Luca Prosperi: MakerDAO Real-World Finance lead — clean protocol. Gregory Di Prisco: MakerDAO BizDev 2017-2021 (clean); Ajna Labs co-founder (active, no adverse finding). Oliver Schimek: CrossLend CEO (regulated fintech); MakerDAO LOVE role. Web search for M0 rug or exit scam returned zero protocol-specific results. No team member linked to a prior rug or exit-scam-labeled protocol via public OSINT.
RD-F-114 green Deployer address prior on-chain history Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb is labeled 'M0: Deployer' on Etherscan. 659 total transactions, multichain activity consistent with a dedicated protocol deployer (SetSupportedBridges, SendRegistrar, bridge configuration calls). No hacksdatabase entry for M0 as a rug deployer. No prior rug-linked protocol in transaction history. Activity history is that of a legitimate protocol deployer since 2024.
RD-F-115 green Prior rug/exit-scam affiliation No team member linked to a prior rug or exit-scam-labeled protocol via OSINT. Web search 'M^0 protocol rug exit scam 2024 2025' returned zero protocol-specific results. All three founders' prior protocol roles (MakerDAO, CrossLend, Ajna Labs) are legitimate, active, and clean. Factor definition requires verified OSINT linkage to a prior rug — absent here.
RD-F-118 green Handle reuse across failed/rugged projects Social handle OSINT for all three founders: Luca Prosperi (@LucaProsperi X, dirtroads.substack.com) — no prior failed/rugged project. Gregory Di Prisco (@g_dip X) — associated with MakerDAO (clean) and Ajna Labs (active). Oliver Schimek (LinkedIn) — CrossLend (regulated fintech). No handle recycled from a rugged project found in available OSINT.
RD-F-120 green Video-off/voice-consistency flag Luca Prosperi participates in video interviews and conference panels (Blockworks presence, YouTube channel @M0protocol). Gregory Di Prisco appeared in Messari Unqualified Opinions podcast. No curator-recorded video-off or voice-inconsistency flag. Factor is manual-curator-only; assessed at low confidence from OSINT-accessible signals only. No adverse signal found.
RD-F-121 green Contributor OSINT depth score Curator-scored OSINT depth: Luca Prosperi 5/5 (20-year career, named employer chain, Blockworks speaker, 24+ Substack posts, Fortune/The Block/CoinDesk coverage). Gregory Di Prisco 5/5 (MakerDAO Head, Token Summit, Spotify podcast, Twitter presence, Villanova B.Sc.). Oliver Schimek 4/5 (LBS MBA, CrossLend CEO, LinkedIn active, less DeFi-native research). Mean: 4.7/5. Very high OSINT depth — substantially better than the typical anonymous DeFi team.
RD-F-124 green Deployer wallet mixer-funded within 30 days GREEN — critical factor. Deployer EOA 0xf2f1acbe0ba726fee8d75f3e32900526874740bb deployed core contracts 2024-05-07. 30-day pre-deploy window: 2024-04-07 to 2024-05-07. Funding chain: Coinbase 3 (regulated US exchange) → intermediate EOA 0xA08171D289c6de357a800cf839dab7cce752de2c → Deployer EOA. Funding tx from Coinbase 3 to intermediate EOA: 0x964c080163e136842ddd5066f92d304ddf121df2719da9b5285860cf49e49dea. No Tornado Cash, Railgun, or privacy-mixer interaction identified in the 2-hop funding chain. Coinbase 3 is a regulated US centralized exchange, not a mixer or cluster-proximate address. Depth: 2 hops from CEX to deployer — clean counterparty chain.
RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus GREEN — critical factor. 3-hop chain from deployer terminates at Coinbase 3 (regulated US exchange, no OFAC SDN or Lazarus label). OFAC SDN web search for named founders and deployer EOA: no hits. Web search 'M^0 OR MZero OR Luca Prosperi DPRK OR Lazarus OR North Korea': zero relevant results. Note: U4 guard applied — attacker using M0 as a drain venue does not constitute team DPRK linkage (no Cat 5 incident on M0 of this type). Confidence: medium-high at OSINT tier. No paid Chainalysis/Arkham cluster feed consulted; paid-feed check would be the authoritative confirmation. No escalation to orchestrator required.
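RD-F-090, RD-F-124 and RD-F-125 all reduce to the same mechanical step: walk backwards from the deployer through whoever funded it, stop at labelled endpoints, and report any mixer or sanctioned-cluster label within the hop budget. The block below is an added example of that walk, not defirisk.co's clustering tooling and not M^0's actual funding graph: the transfers, labels and timestamps are constructed placeholders, and the graph is deliberately built so that the 30-day pre-deploy check of RD-F-124 comes back clean while the unwindowed 3-hop check of RD-F-125 does not, to show why the two factors are scored separately.

```python
"""Funding-chain walk behind RD-F-090, RD-F-124 and RD-F-125. Added illustrative
code, not defirisk.co tooling. Transfers, labels and timestamps are CONSTRUCTED
placeholders; a real run would pull them from an indexer or a clustering feed."""
from collections import deque

DAY = 86_400
DEPLOY = 1_700_000_000          # constructed deployment timestamp (unix seconds)

# (funder, recipient, timestamp): who sent funds to whom, and when.
TRANSFERS = [
    ("cex", "inter", DEPLOY - 20 * DAY),          # exchange hot wallet -> intermediate
    ("inter", "deployer", DEPLOY - 10 * DAY),     # intermediate -> deployer, inside the window
    ("mixer", "inter", DEPLOY - 200 * DAY),       # old mixer withdrawal, outside the 30-day window
    ("sanctioned", "mixer", DEPLOY - 300 * DAY),  # mixer itself fed by a sanctioned cluster
]
LABELS = {"cex": "cex", "mixer": "mixer", "sanctioned": "sanctioned"}


def trace_funding(transfers, target, max_hops, since=None, until=None):
    """Breadth-first walk over inbound transfers. Returns (hop, path) pairs where
    path = [target, funder1, funder2, ...]; a path stops at max_hops or at an
    address with no recorded funders. `since`/`until` restrict which transfers
    count (RD-F-124's 30-day pre-deploy window); leave them None for RD-F-125."""
    inbound = {}
    for src, dst, ts in transfers:
        if (since is None or ts >= since) and (until is None or ts <= until):
            inbound.setdefault(dst, []).append(src)
    paths, queue, seen = [], deque([(0, [target])]), {target}
    while queue:
        hop, path = queue.popleft()
        funders = inbound.get(path[-1], [])
        if hop == max_hops or not funders:
            paths.append((hop, path))
            continue
        for src in funders:
            if src not in seen:              # shortest hop distance wins
                seen.add(src)
                queue.append((hop + 1, path + [src]))
    return paths


def flag_paths(paths, labels, bad_labels):
    """Labelled addresses of interest found on any path, with hop distance."""
    hits = set()
    for _, path in paths:
        for distance, addr in enumerate(path):
            label = labels.get(addr)
            if label in bad_labels:
                hits.add((distance, addr, label))
    return sorted(hits)


def terminal_labels(paths, labels):
    """Where each walk ended, e.g. a regulated CEX deposit address."""
    return sorted({labels.get(path[-1], "unlabelled") for _, path in paths})


if __name__ == "__main__":
    bad = {"mixer", "sanctioned"}
    windowed = trace_funding(TRANSFERS, "deployer", 3, since=DEPLOY - 30 * DAY, until=DEPLOY)
    print("RD-F-124 (30d window):", flag_paths(windowed, LABELS, bad), terminal_labels(windowed, LABELS))
    full = trace_funding(TRANSFERS, "deployer", 3)
    print("RD-F-125 (3 hops, no window):", flag_paths(full, LABELS, bad))
```

The BFS keeps the first (shortest) route to each address, which is what a "within N hops" rule needs; a label that is reachable only via a longer route never counts as closer than it is.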
Fork / dependency lineage Green 11 10 of 10
RD-F-133 yellow Dependency manifest uses unpinned versions Protocol repo .gitmodules: forge-std on branch v1 (floating), common (MZero-Labs/common.git, no pinning), solmate (transmissions11/solmate, no pinning). TTG repo: forge-std@v1, erc20-helper (maple-labs, no pinning), common (MZero-Labs, no pinning). Both repos use branch-head references rather than commit SHA pins, and there is no foundry.lock file. This is a supply-chain hygiene concern for future builds; the currently deployed bytecode is verified as Exact Match on Etherscan.
RD-F-126 n/a Is-a-fork-of M^0 is an original codebase. The GitHub repo description confirms a novel architecture (TTG governance, continuous indexing, Minter/Validator model). No upstream fork declared. No Aave, Compound, Uniswap, or other known upstream codebase relationship. Cat 8 fork factors are structurally N/A.
RD-F-127 n/a Upstream patch not merged M^0 is not a fork; there is no upstream codebase from which patches could be unmerged.
RD-F-128 n/a Upstream vulnerability disclosure (last 90d) M^0 is not a fork; there is no upstream protocol whose disclosures would propagate to this codebase.
RD-F-129 n/a Code divergence from upstream (%) M^0 is not a fork; there is no upstream to compute divergence against.
RD-F-130 n/a Fork depth (generations from original audit) M^0 is an original codebase (generation 0 / no fork). Fork depth is not meaningful here.
RD-F-131 n/a Fork retains upstream audit coverage M^0 is not a fork. M^0 has its own independent audit coverage from 8 firms at launch; there is no upstream audit coverage to inherit or lose.
RD-F-132 n/a Fork has different economic parameters than upstream M^0 is not a fork with audited upstream defaults to deviate from. The factor measures parameter drift from a known-safe upstream configuration.
RD-F-134 green Dependency had malicious-release incident (last 90d) No malicious-release advisory found for solmate, forge-std, or MZero-Labs/common in the trailing 90 days. Solmate is no longer actively maintained (no new releases expected, reducing malicious-release attack surface). No GitHub Advisory Database advisories found for these dependencies.
RD-F-135 green Shared-library version with known-vuln status Solmate: no active CVE or GHSA advisory (library discontinued, no new releases). forge-std: testing utility only, not security-critical for production. MZero-Labs/common: internal library audited by Kirill Fedoseev at commit 0a0cae40. Solc 0.8.23 fixes VerbatimInvalidDeduplication (low severity, pure-Yul only). No active high/critical advisory for any dependency.
Post-deploy hygiene & change mgmt Green 18 13 of 13
RD-F-136 yellow Deployed bytecode matches signed release tag Core protocol contracts are immutable; bytecode fixed at deploy cannot drift. GitHub repos m0-foundation/protocol and m0-foundation/ttg are public. Release-tag-to-bytecode verification would require toolchain confirmation. Upgradeable periphery contracts have been upgraded from the audited baseline; the specific commit SHAs behind the deployed bytecode were not confirmed by the curator.
RD-F-139 yellow Post-audit code changes without re-audit SwapFacility upgraded 2026-02-24 to impl 0x45bF08d0...584550DA8. The original 2024 audits did not cover SwapFacility (deployed 2025-08-05). The Dec 2025 - Feb 2026 Multichain V2/M Portal V2 audit batch (Sherlock, Halborn, ChainSecurity, Guardian, Adevar) likely covers it, but bytecode coverage of the 2026-02-24 implementation has not been confirmed from a public PDF with a commit SHA.
RD-F-141 yellow Test-mode parameters in deploy Core contracts: no test-mode parameters found (MinterGateway, Registrar production-configured at deploy). Periphery: the SwapFacility proxy admin remains the deployer EOA, a known test-mode anti-pattern for proxy ownership, though here it appears intentional rather than accidental. No oracle set to a test address, no infinite allowances visible.
RD-F-142 yellow Storage-layout collision risk across upgrades Core contracts immutable; no storage-layout collision risk. Upgradeable proxies (WrappedM, HubPortal, Portal Lite, SwapFacility) use EIP-1967 proxy patterns. WrappedM uses a migrate() function with a controlled upgrade. OZ upgrades plugin validation not confirmed to have been run. SwapFacility upgraded 2026-02-24; no collision report found publicly.
RD-F-143 yellow Reinitializable implementation (no _disableInitializers) Core protocol contracts are immutable (non-proxy): N/A for them. Upgradeable proxies: (a) WrappedM impl 0x813B926B does NOT call _disableInitializers() in its constructor (confirmed from source). (b) HubPortal impl 0xdFC64dbF uses an initializeInitializationPhase() guard, not _disableInitializers(). (c) Portal Lite impl 0x901Cca92 (Portal.sol on GitHub) shows no _disableInitializers() call. Multiple upgradeable implementations lack the canonical OZ re-initialization lock. The practical question for each is whether initialize() can still be called directly on the bare implementation; that matters when the initializer grants privileges (ownership, a delegatecall or selfdestruct path) that are reachable outside the proxy context.
RD-F-145 yellow Deployed bytecode reproducibility Core contracts: public Foundry-based repos (m0-foundation/protocol, m0-foundation/ttg) with Solidity 0.8.23, optimization 999999 runs, Shanghai EVM. In principle reproducible. No specific build artifact + hash confirmation found. Periphery: same stack, but no specific build artifact confirmed.
RD-F-185 yellow Bridge rate-limiter / chain-pause as positive mitigant HubPortal (Wormhole NTT) implements a rate-limiter via Wormhole NTT's built-in per-window transfer caps. Portal Lite (Hyperlane): no explicit rate-limiter confirmed from the available source review. A whenNotPaused modifier exists in Portal.sol (pause mechanism present). Partial positive mitigant: Wormhole NTT rate-limiting on the Ethereum hub portal; Hyperlane rate-limiter not confirmed.
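Two of the proxy-hygiene questions in this category (RD-F-102/RD-F-123: who holds the upgrade key, and is it a bare EOA with no timelock; RD-F-143: is the implementation's initializer locked) can be answered from three storage reads per proxy. The block below is an added offline decoder, not defirisk.co's tooling and not a reading of M^0's real contracts: the EIP-1967 implementation/admin slots and the OpenZeppelin v5 Initializable slot are the published constants, but every address, code size and storage word in it is constructed. In practice the same words come from eth_getStorageAt and eth_getCode, and ProxyAdmin.owner() from an eth_call; the v4 slot-0 reading is only valid when Initializable is first in the implementation's storage layout.

```python
"""Offline decoder for RD-F-102/RD-F-123 (is the upgrade controller a bare EOA?)
and RD-F-143 (is the implementation's initializer locked?). Added illustrative
code, not defirisk.co tooling. Addresses, code sizes and storage words are
CONSTRUCTED; a real run reads them via eth_getStorageAt / eth_getCode."""

# Published EIP-1967 slots and the OpenZeppelin v5 namespaced Initializable slot.
EIP1967_IMPL_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
EIP1967_ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103
OZ5_INITIALIZABLE_SLOT = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00
OZ4_INITIALIZABLE_SLOT = 0   # caveat: only when Initializable is first in the storage layout


def address(n):
    """Constructed placeholder address from a small integer."""
    return "0x" + n.to_bytes(20, "big").hex()


def address_word(addr):
    """32-byte storage word holding a left-padded 20-byte address."""
    return bytes(12) + bytes.fromhex(addr[2:])


def word_to_address(word):
    return "0x" + word[12:].hex()


def initializer_state(word, oz_major):
    """OZ v4: uint8 _initialized in the low byte; _disableInitializers() sets 0xff.
    OZ v5: uint64 _initialized in the low 8 bytes; locked value is 2**64 - 1."""
    if oz_major >= 5:
        initialized, locked = int.from_bytes(word[24:32], "big"), 2**64 - 1
    else:
        initialized, locked = word[31], 0xFF
    if initialized == locked:
        return "locked"
    if initialized == 0:
        return "uninitialized"       # anyone can call initialize() on the bare implementation
    return "reinitializable"         # initialized once; later reinitializer versions still possible


def assess_proxy(proxy, chain, oz_major):
    """`chain` stands in for an RPC: {address: {"code": size, "storage": {slot: word}, "owner"?: addr}}."""
    st = chain[proxy]["storage"]
    impl = word_to_address(st[EIP1967_IMPL_SLOT])
    admin = word_to_address(st[EIP1967_ADMIN_SLOT])
    # Transparent proxies normally point at a ProxyAdmin contract; the effective
    # controller is then ProxyAdmin.owner(). The owner is supplied in `chain` here.
    controller = admin if chain[admin]["code"] == 0 else chain[admin].get("owner", admin)
    controller_is_eoa = chain[controller]["code"] == 0
    init_slot = OZ5_INITIALIZABLE_SLOT if oz_major >= 5 else OZ4_INITIALIZABLE_SLOT
    init = initializer_state(chain[impl]["storage"].get(init_slot, bytes(32)), oz_major)
    findings = []
    if controller_is_eoa:
        findings.append("upgrade key is a bare EOA (no timelock, no multisig)")
    if init != "locked":
        findings.append(f"implementation initializer {init}")
    return {"implementation": impl, "admin": admin, "controller": controller,
            "controller_is_eoa": controller_is_eoa, "initializer": init, "findings": findings}


EOA, TIMELOCK, PROXY_ADMIN = address(1), address(2), address(3)
PROXY_A, PROXY_B, IMPL_A, IMPL_B = address(10), address(11), address(20), address(21)

CHAIN = {   # constructed world: proxy A is the weak posture, proxy B the hardened one
    EOA: {"code": 0, "storage": {}},
    TIMELOCK: {"code": 5000, "storage": {}},
    PROXY_ADMIN: {"code": 2000, "storage": {}, "owner": EOA},
    PROXY_A: {"code": 300, "storage": {EIP1967_IMPL_SLOT: address_word(IMPL_A),
                                        EIP1967_ADMIN_SLOT: address_word(PROXY_ADMIN)}},
    PROXY_B: {"code": 300, "storage": {EIP1967_IMPL_SLOT: address_word(IMPL_B),
                                        EIP1967_ADMIN_SLOT: address_word(TIMELOCK)}},
    IMPL_A: {"code": 8000, "storage": {OZ4_INITIALIZABLE_SLOT: bytes(32)}},                 # never initialized
    IMPL_B: {"code": 8000, "storage": {OZ5_INITIALIZABLE_SLOT: bytes(24) + b"\xff" * 8}},   # _disableInitializers()
}

if __name__ == "__main__":
    print(assess_proxy(PROXY_A, CHAIN, oz_major=4)["findings"])
    print(assess_proxy(PROXY_B, CHAIN, oz_major=5)["findings"])
```

The decoder stops one hop past the admin slot on purpose: a timelock or multisig found there is the positive signal the factors look for, and who controls that contract is a separate question.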
RD-F-137 green Upgrade frequency (per 90 days) SwapFacility upgraded on 2026-02-24 (within 90-day window from 2026-05-16). HubPortal + Portal Lite: no confirmed upgrades in last 90 days. WrappedM: no confirmed upgrade in 90 days. Frequency: 1 upgrade in 90 days — low/acceptable.
RD-F-138 green Hot-patch deploys without timelock (last 30 days) SwapFacility upgrade was 2026-02-24 (80 days before 2026-05-16 assessment — outside 30-day window). No confirmed hot-patch deploys in last 30 days. Deployer EOA last transaction 2026-05-12 was a function call (setSupportedBridgingPath), not a new deploy or upgrade.
RD-F-140 green Fix-merged-but-not-deployed gap No evidence of a known fix merged in repo but not deployed. Core contracts are immutable — no upgrade path for gaps. Periphery contracts are upgradeable and audited before deploy. No CVE or security advisory referencing an undeployed fix found.
RD-F-144 green CREATE2 factory permits same-address redeploy No evidence of CREATE2 factory patterns used for M^0 contract deployment. Core contracts deployed via standard CREATE. Deployer EOA tx history shows standard contract creation.
RD-F-146 green New contract deploys in last 30 days Portal Lite deployed 2025-05-21 (~360 days ago, outside 30-day window). SwapFacility upgrade 2026-02-24 (~80 days ago, outside 30-day window). Deployer EOA last tx 2026-05-12 was setSupportedBridgingPath call (function call, not new deploy). No new deploy confirmed in last 30 days.
RD-F-168 green Stale-approval exposure on deprecated router No deprecated router contracts identified for M^0. Protocol has not announced any deprecated contract addresses holding user approvals. All active contracts listed in profile §3. Docs addresses page has no deprecated entries.
Cross-chain & bridge Yellow 21 12 of 12
RD-F-148 yellow Bridge validator count (M) Wormhole NTT: 19 independent guardian nodes in the Wormhole guardian set. Hyperlane Portal Lite: specific ISM validator count for M^0's Portal Lite deployment not confirmed from source; default Hyperlane ISM on major chains typically uses 8-11 validators. Curator should verify Hyperlane ISM configuration via IMailbox(0xc005dc82...d239).defaultIsm(). RD-F-149 yellow Bridge validator threshold (k-of-M) Wormhole NTT: threshold is 13-of-19 guardians for a valid VAA (quorum ~2/3+1 of the guardian set). Well-established, battle-tested threshold. Hyperlane Portal Lite: ISM threshold not confirmed for M^0-specific deployment. Default Hyperlane ISM typically 8-of-11 but this requires direct on-chain verification for M^0's Portal Lite. RD-F-150 yellow Bridge validator co-hosting Wormhole: the 19 guardian operators include Jump Crypto, Certus One, Everstake, P2P.org, Figment, Chorus One, and others — distributed across different organizations and geographies. Risk exists that some share cloud infrastructure but the set is sufficiently diverse. Hyperlane validator co-hosting not assessed for M^0-specific ISM. Overall: acceptable diversity for Wormhole, partial assessment gap for Hyperlane. RD-F-151 yellow Bridge ecrecover checks result ≠ address(0) M^0's Portal.sol and HubPortal.sol do not contain direct ecrecover calls — signature validation is fully delegated to the Wormhole core bridge (0x98f3c9e6E3fAce36bAAd05FE09d375Ef1464288B) via WormholeTransceiver. Wormhole core bridge verifySignatures() includes ecrecover with zero-address check per standard Wormhole implementation. However, WormholeTransceiver implementation source (0x29E5F15fB58C38DbD9b26eca20a80F1E56e0B741) is not verified on Etherscan — M^0-specific transceiver ecrecover path cannot be directly confirmed. Score YELLOW due to indirect evidence via Wormhole's well-audited core bridge. 
RD-F-155 yellow Bridge validator-set rotation recency Wormhole guardian set has been stable for over 12 months with no significant rotations reported in the 2025-2026 period. Hyperlane ISM validator set rotation for M^0-specific Portal Lite deployment not assessed. Overall: adequate for Wormhole; gap for Hyperlane.
RD-F-156 yellow Bridge uses same key custody for >30% validators Wormhole: 19 guardian operators from distinct organizations; no evidence of greater than 30 percent sharing a single custodian, but detailed custody analysis is not publicly available. Hyperlane validator custody not assessed for M^0-specific ISM.
RD-F-157 yellow Bridge TVL per validator ratio HubPortal holds $M locked as collateral for spoke-chain issuance. With 19 guardian validators and $325.5M current TVS, the TVL-per-guardian is approximately $17M per guardian. Moderate concentration — high enough to be a meaningful target, but the 13-of-19 threshold requires coordinating a majority of the distributed guardian set. The full bridge TVL concentration in a single HubPortal (no rate-limiter) amplifies the risk profile.
RD-F-179 n/a LayerZero OFT DVN config (count, threshold, diversity) M^0 uses Wormhole NTT (not LayerZero OFT) as its primary bridge mechanism, and Hyperlane as secondary. Data cache confirms layerzero.present: false. No LayerZero OApp exists for M^0. Factor RD-F-179 applies exclusively to LayerZero OFT integrations and does not apply here.
RD-F-147 green Protocol has bridge surface Yes — M^0 uses two cross-chain bridge systems: (A) Wormhole NTT via HubPortal (0xD925C84b55E4e44a53749fF5F2a5A13F63D128fd, ERC1967 proxy) + WormholeTransceiver (0x0763196A091575adF99e2306E5e90E0Be5154841) on Ethereum/Arbitrum/Optimism/Base/Sei/Solana; (B) Hyperlane via Portal Lite (0x36f586A30502AE3afb555b8aA4dCc05d233c2ecE, ERC1967 proxy) on Plume/HyperEVM/BNB/Linea/Soneium/Mantra/Plasma/Citrea. Lock-and-mint model: $M locked on Ethereum HubPortal, minted on spoke chains.
RD-F-152 green Bridge binds message to srcChainId srcChainId binding confirmed in Portal.sol source: messages are digested with TransceiverStructs.nttManagerMessageDigest(chainId, message_), binding the source chain ID to each message. Prevents cross-chain replay where a message from chain A is replayed as valid on chain B.
RD-F-153 green Bridge tracks nonce-consumed mapping Portal.sol uses _useMessageSequence() (sequence counter) and processes messages with a messageId_ digest mechanism. NTT framework tracks consumed message IDs to prevent replay. Message sequences tracked per (sourceChain, sequence) pair.
RD-F-154 green Default bytes32(0) acceptable as valid root M^0's Portal/HubPortal/SpokePortal does not use inbound Merkle-root-based message validation (the Nomad bug class). Messages validated via Wormhole VAA attestation (guardian signatures on VAA struct, not Merkle roots) or Hyperlane mailbox ISM. The only Merkle root in the system is the outbound earnersMerkleRoot_ fetched from IMerkleTreeBuilder for Solana earner list — an outbound data payload, not an inbound security mechanism. No acceptableRoot or zero-root acceptance path exists in M^0 bridge code.
Threat intelligence & recon Green 0 8 of 8
RD-F-163 gray Avg attacker reconnaissance time for peer-class protocols No peer-class attacker reconnaissance data available for RWA-stablecoin infrastructure protocols (M^0 class). Analogues (Centrifuge, Ondo, Circle/USYC, Superstate) have no documented major exploit history from which reconnaissance timelines could be derived. General DPRK/Lazarus reconnaissance windows range 30-78 days for other protocol classes (Drift: 6 months pre-strike for social engineering; USPD: 78 days) but cannot be directly applied to RWA stablecoin infrastructure without same-class peer evidence.
RD-F-158 green Known-threat-actor cluster has touched protocol No known-threat-actor wallet interaction with $M token, MinterGateway, HubPortal, or governance contracts identified. No M0-specific DPRK/Lazarus attribution found in web search. Deployer EOA funded via Coinbase 3 (clean CEX path) — no connection to OFAC-sanctioned addresses. M0 Foundation is backed by Bain Capital Crypto (Series A), Polychain and Ribbit Capital (Series B) — institutional investment stack provides additional counter-indicator. T-09 phase-2 production signal tier.
RD-F-159 green Attacker wallet pre-strike probe (low-gas failing txs) No mempool probe activity observed for M^0 contracts. No threat-actor cluster wallets identified as targeting M^0. Requires live mempool + threat-actor cluster feed for production observation. Static assessment finds no evidence of probing activity. No prior incidents from which attacker wallets could be derived.
RD-F-160 green GitHub malicious-dependency incident touching protocol deps No active GitHub security advisory identified against m0-foundation dependencies. Solidity v0.8.23 (confirmed on all core Etherscan-verified contracts) has no known critical vulnerability in the solc bug list. OpenZeppelin library patterns are expected (standard ERC-20); no recent malicious OZ release incidents. M0 GitHub repos use Foundry toolchain; no malicious Foundry dependency advisory identified.
RD-F-161 green Protocol-impersonator domain registered (typosquat) Official domain m0.org confirmed. F161 registration-to-assessment-date delta: m0.org is the primary domain registered approximately 2022 (based on protocol launch timeline; deploy date 2024-05-07 but organization established prior). Assessment date 2026-05-16. Common typosquats (m-0.org, m00.org, m0protocol.org, mzero.org, mzero.com) not identified as active malicious domains in web search. Short 2-character domain (m0.org) is structurally resistant to obvious adjacent-character typosquats. No typosquat identified within 90-day window.
RD-F-162 green Known-exploit-template selector deployed by any address No prior exploit of M^0 exists from which an exploit-template could be derived. RWA-stablecoin infrastructure class (TTG governance + MinterGateway) does not have an established exploit-template canon (unlike Compound-fork class). No exploit-template-matching deployment observed in available public sources.
RD-F-164 green Leaked credential on paste/sentry site No leaked credentials identified through available OSINT channels. No known data breaches attributed to M0 Foundation as of 2026-05-16. No Sentry/Datadog endpoint leaks or paste-site references to M0 infra keys identified in web search. M0 Foundation employs Fireblocks for custody (confirmed Coindesk August 2024) which provides institutional-grade key management reducing credential-leak risk.
RD-F-165 green Protocol social channel has scam-coordinator flag No official Discord or Telegram publicly identified for M^0 (profile Section 9 confirms none found after web search). Official X accounts @m0foundation and @m0 exist. Absence of an official community channel significantly reduces the scam-coordinator infiltration surface. No scam-coordinator flagging observed on any M^0-adjacent social channel. No Discord/Telegram admin compromise or scam-coordinator watchlist hit identified.
Tooling / compiler / AI Green 0 5 of 5
RD-F-171 n/a Bytecode similarity to audited upstream with behavior deviation M^0 is an original codebase with no audited upstream to compare against. The AI-copy risk pattern (bytecode similarity >80% to an audited protocol with behavior deviation) is structurally not applicable. Novel architecture (TTG, ContinuousIndexing) makes this factor not applicable.
RD-F-170 green Solc version used (known-bug versions flagged) Core contracts: solc v0.8.23+commit.f704f362, EVM Shanghai. WrappedM impl: same v0.8.23. SwapFacility/HubPortal proxy: v0.8.26. HubPortal impl: v0.8.34, EVM Cancun. None of these versions have known high/critical bugs affecting normal Solidity code. Solc 0.8.23 fixed VerbatimInvalidDeduplication (low severity, pure-Yul only). 0.8.26 and 0.8.34 are later safe versions.
RD-F-172 green Repo shows AI-tool co-authorship in critical files GitHub API commit search found no Co-Authored-By: GitHub Copilot or equivalent AI co-authorship trailers in m0-foundation/protocol commits. Most recent commit (SHA b42fe5bc, Jun 5 2025, by toninorair) has no AI co-authorship marker. No public disclosure of AI tool co-authorship found via web search.
RD-F-173 green Team self-disclosure of AI-generated Solidity No public disclosure found via web search or docs review of AI-generated Solidity being used in production security-critical contracts. M^0 technical documentation and blog posts do not reference AI code generation for the protocol.
RD-F-174 green Dependency tree uses EOL Solidity version All core contracts use Solidity 0.8.23 (supported). Periphery uses 0.8.26 and 0.8.34 (both supported). No EOL Solidity version in any deployed contract. Solmate written for older versions but compiled with project's declared compiler; no EOL-specific code path invoked.
Response & disclosure hygiene Red 50 4 of 4
RD-F-175 red Disclosure channel exists No dedicated security disclosure channel found for M^0 core Ethereum protocol ($325.5M TVS). Specific checks: (1) SECURITY.md absent — GitHub security tab shows 'No security policy detected' and 'No published security advisories'; (2) security@ email not published anywhere on m0.org, docs.m0.org, or research.m0.org; (3) security.txt at www.m0.org/.well-known/security.txt returns 404; (4) M^0 core Ethereum protocol NOT covered by any Immunefi program — the KAST Immunefi program covers 2 Solana extension contracts only; (5) Cantina portfolio page returns 404; (6) www.m0.org/contact-us provides a generic contact form with no security-specific routing. Core attack surface ($325M) has no public vulnerability reporting path.
RD-F-176 red Disclosure SLA public No acknowledgment-time SLA published for vulnerability disclosures. No SECURITY.md exists (SECURITY.md 404), no Immunefi core-protocol program (which would carry a platform SLA), no disclosure policy document on docs.m0.org. The docs 'Disclosures' page contains legal/investment disclaimers only — no security reporting SLA. The KAST Immunefi program (Solana-only) does not state an explicit acknowledgment SLA. No SLA published = red.
RD-F-177 green Prior known-ignored disclosure No evidence of prior known-ignored disclosure. No incidents have occurred (zero in hacksdatabase, rekt.news, data cache), therefore no post-mortems exist to document an ignored disclosure. Web search for M^0 security vulnerability ignored or delayed disclosure returned no results. Green by clean record and absence of post-mortem evidence.
RD-F-178 green CVE/GHSA advisory issued against protocol No CVE or GHSA advisory issued against M^0 protocol. GitHub security tab for m0-foundation/protocol shows 'no published security advisories'. Web search for M^0 CVE GHSA returned no results. GitHub security advisory database and NVD search found no M^0 entries.
rubric_version v1.7.0 graded_at 2026-05-16 09:46:22 factors 184 protocol m0