First-depositor / share-inflation guard
Meteora's assessment for RD-F-075 — scored not_assessed on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Adapted for Solana AMM context. DLMM uses position NFTs (not fungible LP tokens) — the classic ERC-4626 first-depositor share-inflation attack does not directly apply. DAMM v1/v2 mint fungible LP tokens proportional to pool share; the first-depositor inflation attack (donate tiny first deposit, then inflate per-share value against later depositors) may theoretically apply if the DAMM program does not implement a guard. DAMM v1 was audited by Oak Security (Oct 2022) and Halborn (Jul 2022); DAMM v2 by OtterSec (Apr 2025), Offside Labs, and Zenith. These audits would be expected to surface first-depositor inflation risks, but reading each audit PDF to confirm is outside programmatic scope. Not_assessed: requires curator to confirm whether DAMM programs include a minimum-liquidity burn / first-deposit guard in audit findings or program source.
Sources #
- InternalMeteora protocol profile §8 — audit coverage.research/protocols/meteora/00-profile.md §8: DAMM v1 audited by Oak Security (2022-10) and Halborn (2022-07); DAMM v2 audited by OtterSec (2025-04), Offside Labs, Zenithretrieved 2026-05-16
- What is DLMM — docs.meteora.agDLMM uses position NFTs not fungible LP tokens — inflation attack vector differs from standard AMMretrieved 2026-05-16
- DAMM v2 OtterSec Audit — MeteoraAg/auditsDAMM v2 OtterSec audit April 2025 — would surface LP mint / first-deposit inflation if presentretrieved 2026-05-16
Methodology #
Determine whether the vault has a first-depositor guard (seed deposit on deploy, virtual-share offset, or floor-check).
See the full factor methodology and distribution across all protocols →