mETH Protocol
Permissionless, non-custodial ETH liquid staking protocol on Ethereum L1, issuing mETH (value-accruing LST) and cmETH (liquid restaking token backed by EigenLayer/Symbiotic/Karak positions); governed by Mantle Network via multisig + Snapshot; COOK governance token introduced Nov 2024 with on-chain Governor not yet deployed.
Deployments: Ethereum · $535.0M
Risk profile at a glance
0 red · 4 yellow · 9 green
Categories & evidence
184 factors · 13 categories
Code & audits Green 17 25 of 25
RD-F-009 red Formal verification coverage Zero formal verification found. Certora SecurityReports GitHub index has no mETH or Mantle LSP entry. The only FV-adjacent work is an independent community project (0xpolarzero/mantle-lsp-fuzzing-formal-verification) using Halmos, covering only the Staking contract's ETH-accounting invariants — it is archived (March 2024) and explicitly self-described as 'not an assessment of the whole system.' At $535M current TVL ($2.1B historical peak) with no official FV program, this is red per U8 flag and LST-protocol precedent (Rocket Pool, StakeWise).
RD-F-183 red Bug bounty scope gap on highest-TVL contracts The cmETH BoringVault (0x33272D40b247c4cd9C646582C9bbAD44e85D4fE4) and L1cmETHAdapter (LayerZero OFT, 0x4aFA9620D0B79137383A7A9AB3477837d475e948, holding ~$70.6M in cmETH) are NOT in scope of the Immunefi bug bounty. The 10 in-scope contracts cover only the core mETH staking surface. LiquidityBuffer and PositionManagerAAVE are also not listed in scope despite managing material ETH from the $535M staking TVL. Whitehats have no economic incentive to disclose bugs affecting cmETH restaking or cross-chain bridge contracts. This is analogous to the Kelp DAO precedent where the OFT adapter was excluded from bounty scope.
RD-F-001 yellow Audit scope mismatch 16 audit engagements across 7 firms cover all three product generations (v1 core 2023, v2 cmETH 2024, v3 LiquidityBuffer 2025). No audit report on the public docs page cites a commit SHA enabling bytecode-to-report matching. The most recently upgraded Staking implementation (0x01a360392c74b5b8bf4973f438ff3983507a06a2, upgraded 2025-10-30) post-dates the 2023 v1 audits by ~24 months. MixBytes v1 README does cite audit commits (bd15a96, 93a55d8) but those cannot be traced to the current deployed bytecode. Continuous multi-firm coverage per generation prevents a red; absence of commit SHA matching prevents a green.
RD-F-005 yellow Audit firm tier No Tier-1 audit firm (Trail of Bits, OpenZeppelin, ConsenSys Diligence, Certora, Sigma Prime, Spearbit, Zellic, ChainSecurity) has audited mETH Protocol. All 7 firms are Tier-2 or boutique: Hexens (Tier-2), MixBytes (Tier-2), Secure3 (Tier-2), Blocksec (Tier-2), Quantstamp (Tier-2), Fuzzland/Verilog (boutique), Exvul (boutique). At $535M TVL with $2.1B historical peak, Tier-2-only coverage is a yellow finding. No Certora engagement found in Certora SecurityReports index.
RD-F-014 yellow Reentrancy guard on external-calling functions claim() in UnstakeRequestsManager.sol lacks the nonReentrant modifier (confirmed from GitHub source analysis). The contract interacts with ETH and mETH (ERC-20 via SafeERC20) — not ERC-777, so reentrancy hooks are less likely. The CEI pattern appears partially followed. MixBytes v1 audit reviewed this contract without flagging a reentrancy critical finding, suggesting the specific ordering was acceptable at audit time. Yellow rather than red because: (1) no ERC-777 hooks in use, (2) MixBytes explicitly audited this contract without a reentrancy critical, (3) SafeERC20 is used for token transfers.
RD-F-016 yellow Divide-before-multiply pattern No independent Slither run available. MixBytes v1 audit did not flag divide-before-multiply as a finding. OZ v4.9.0 Math.sol uses mulDiv patterns avoiding integer truncation ordering. Marked yellow (not green) because absence of a Slither run means the factor cannot be definitively confirmed clean. MixBytes audit is a credible secondary source for this specific class.
RD-F-023 yellow Constructor calls _disableInitializers() Confirmed _disableInitializers() in constructor of: Staking.sol, Oracle.sol, ReturnsAggregator.sol, UnstakeRequestsManager.sol, Pauser.sol, OracleQuorumManager.sol. L1cmETHAdapter constructor (0xaE96dF024b9cb69a39a219d7176df6e7e39fac44) does NOT call _disableInitializers() — it only sets token and endpoint addresses. The initialize() is still protected by the OZ initializer modifier, but the missing _disableInitializers() means a direct (unproxied) call to the implementation could be initialized with arbitrary parameters. Practical risk is low given TimelockController is proxy admin, but this deviates from OZ best practices.
RD-F-010 gray Static-analyzer high-severity count No independent Slither/Mythril/Semgrep tool run available to this agent. MixBytes v1 audit (Oct-Nov 2023) identified 3 High findings of which 2 were acknowledged-not-fixed (lack of sanity checks on Oracle report update; malicious oracle report accounting in quorum). Without a fresh static analysis tool run on the current deployed bytecode, cannot assess current high-severity finding count. Needs tool run for definitive score.
RD-F-017 gray Mixed-decimals math without explicit scaling mETH and ETH are both 18-decimal. Core staking arithmetic operates on uniform 18-decimal tokens. No cross-decimal operations identified in source inspection. Cannot confirm fully without static analysis tool run. Marked gray.
RD-F-018 gray Signed/unsigned arithmetic confusion No signed/unsigned confusion finding in accessible audit summaries. Solidity 0.8.x has built-in overflow/underflow protection. No manual int→uint casting identified in source inspection. Cannot confirm without independent static analysis tool run.
RD-F-021 n/a UUPS _authorizeUpgrade correctly permissioned Protocol uses TransparentUpgradeableProxy (not UUPS). In the transparent proxy pattern, _authorizeUpgrade() does not exist; upgrade authority is held by the ProxyAdmin (TimelockController 0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2). UUPS-specific check is not applicable.
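The RD-F-022/RD-F-023 distinction (initializer modifier present, but no _disableInitializers() in the constructor) is easiest to see side by side. The following is an added illustration written for this review, not mETH Protocol or LayerZero code: two hypothetical adapter-style implementations named AdapterMissingGuard and AdapterWithGuard, each keeping its token and endpoint addresses as immutables (as OFT adapters typically do), plus a Foundry test showing that the unguarded implementation can be initialized directly at its own address while the guarded one reverts. It assumes OpenZeppelin Contracts Upgradeable v4.9.x and forge-std.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed dependencies: OpenZeppelin Contracts Upgradeable v4.9.x and forge-std.
import "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import "forge-std/Test.sol";

/// Hypothetical implementation that, like the L1cmETHAdapter constructor described
/// above, only records addresses and never locks its own initializer state.
/// `initializer` still protects the proxy's storage, but the implementation
/// contract has its own (untouched) storage, so initialize() can be called once
/// directly on the implementation address by anyone.
contract AdapterMissingGuard is AccessControlUpgradeable {
    address public immutable token;     // immutables live in bytecode, safe for proxies
    address public immutable endpoint;

    constructor(address token_, address endpoint_) {
        token = token_;
        endpoint = endpoint_;
        // no _disableInitializers() here
    }

    function initialize(address admin) external initializer {
        __AccessControl_init();
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
    }
}

/// Same contract with the OZ-recommended guard: the implementation's own
/// initializer state is set to "already initialized" at deploy time.
contract AdapterWithGuard is AccessControlUpgradeable {
    address public immutable token;
    address public immutable endpoint;

    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor(address token_, address endpoint_) {
        token = token_;
        endpoint = endpoint_;
        _disableInitializers(); // initialize() now reverts forever on the implementation itself
    }

    function initialize(address admin) external initializer {
        __AccessControl_init();
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
    }
}

/// Foundry test (run with `forge test`) demonstrating the difference.
/// Constructor arguments address(1)/address(2) are placeholders.
contract InitializerGuardTest is Test {
    function test_unguardedImplementationCanBeInitialized() public {
        AdapterMissingGuard impl = new AdapterMissingGuard(address(1), address(2));
        impl.initialize(address(this)); // succeeds: implementation storage was never locked
        assertTrue(impl.hasRole(impl.DEFAULT_ADMIN_ROLE(), address(this)));
    }

    function test_guardedImplementationRejectsInitialize() public {
        AdapterWithGuard impl = new AdapterWithGuard(address(1), address(2));
        // Revert string as emitted by OZ v4.9.x Initializable (v5 uses a custom error instead).
        vm.expectRevert("Initializable: contract is already initialized");
        impl.initialize(address(this));
    }
}
```

As the assessment notes, initializing a bare implementation behind a TransparentUpgradeableProxy does not touch the proxy's state, so the practical impact is limited; the guard matters because it removes the question entirely and is what audit checklists and OZ's upgrade tooling expect.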
RD-F-002 green Audit recency Most recent audit: MixBytes dated November 13, 2025, covering LiquidityBuffer and PositionManagerAAVE. Assessment date: 2026-05-16. Days since last audit: 184 days — well within the 365-day green threshold.
RD-F-003 green Resolved-without-proof findings MixBytes v1 audit (Oct-Nov 2023) clearly separates Fixed (3 findings: 1 High + 2 Low) from Acknowledged (11 findings: 2H + 4M + 5L). Acknowledged findings are not claimed as fixed — the audit trail is transparent. No evidence of findings marked 'Resolved' without verifiable on-chain proof found in the accessible audit summaries.
RD-F-004 green Audit count 7 distinct audit firms across 16 engagements: Hexens (3 engagements), MixBytes (3), Secure3 (3), Blocksec (2), Quantstamp (1), Fuzzland/Verilog (2), Exvul (1). All three product generations have multi-firm coverage. Green threshold of >=2 distinct firms exceeded by a wide margin.
RD-F-006 green Audit-to-deploy gap v3 LiquidityBuffer: audits Oct 20-22 2025 (Exvul/Blocksec/Hexens), deployed Oct 24 2025 (block 23645928) — gap of 2-4 days. v2 cmETH: Hexens Aug 31, Secure3 Sept 11 2024, with L1cmETHAdapter deployed Aug 2 2024 (pre-audit for some v2 audits, post-audit for others). v1 core: Hexens Aug 25 2023, MixBytes Oct-Nov 2023, Staking proxy live Nov 2023. No systematic >180-day audit-to-deploy gap.
RD-F-007 green Bug bounty presence & max payout Active Immunefi program with $500,000 maximum payout for critical smart contract bugs. Minimum reward $100,000 for critical findings. Program live since November 28, 2023. Last updated March 18, 2025. 10 contracts in scope. Reward structure: 10% of funds directly affected up to $500K cap.
RD-F-008 green Ignored bounty disclosure No prior incidents found. Data cache rekt.incidents empty, defillama.hacks empty. No ignored disclosure can exist without a prior incident. Profile §10 confirms clean incident history.
RD-F-011 green SELFDESTRUCT reachable from non-admin path Source inspection of Staking.sol, Oracle.sol, METH.sol, ReturnsAggregator.sol, Pauser.sol, OracleQuorumManager.sol, UnstakeRequestsManager.sol found no SELFDESTRUCT opcode. Contracts use OZ upgradeable patterns that do not include SELFDESTRUCT. L1cmETHAdapter and BoringVault source confirmed no selfdestruct.
RD-F-012 green delegatecall with user-controlled target Source inspection of core staking contracts found no delegatecall with user-controlled target. The transparent proxy pattern uses admin-controlled EIP-1967 implementation slot. No user-supplied delegatecall target identified in any inspected contract.
RD-F-013 green Arbitrary call with user-controlled target No arbitrary call with user-controlled target/data found in source inspection. All external calls are to typed interfaces (IStaking, IOracle, IERC20) with fixed selectors. Staking.sol receive() explicitly reverts: 'revert DoesNotReceiveETH()' preventing ETH donation attacks.
RD-F-015 green ERC-777/1155/721 hook without reentrancy guard No ERC-777, ERC-1155, or ERC-721 hook integration found. mETH token is ERC20PermitUpgradeable (standard OZ v4.9.0, no callback hooks). The staking contracts interact with ETH and the mETH ERC-20 token only. No unsafe callback pattern identified.
RD-F-019 green ecrecover zero-address return unchecked Source inspection of Staking.sol, Oracle.sol, OracleQuorumManager.sol found no ecrecover usage. OracleQuorumManager uses role-based access control (AccessControlEnumerable) not signature verification. METH.sol ERC20PermitUpgradeable delegates to OZ's battle-tested implementation which correctly checks ecrecover results.
RD-F-020 green EIP-712 domain separator missing chainId mETH implements ERC20PermitUpgradeable (OZ standard) which includes chainId in the EIP-712 domain separator by construction via EIP712Upgradeable. No custom EIP-712 implementation found that could omit chainId.
RD-F-022 green Public initialize() without initializer modifier All inspected implementation contracts use the initializer modifier on initialize(): Staking.sol (confirmed), Oracle.sol (confirmed), ReturnsAggregator.sol (confirmed), UnstakeRequestsManager.sol (confirmed), Pauser.sol (confirmed), OracleQuorumManager.sol (confirmed), L1cmETHAdapter (confirmed). No unprotected initialize() found across the core staking surface. LiquidityBuffer impl shows OZ initializer-flag protection. No public initialize() without protection was identified.
RD-F-024 green Code complexity vs audit coverage 16 engagements across 7 firms provide adequate code coverage. MixBytes v1 audit: 9 contracts over 48 days — adequate LOC/audit-day ratio for the ~1,500-2,000 LOC staking suite. v3 LiquidityBuffer: 4 concurrent firms (Exvul, Blocksec, Hexens, MixBytes) reviewed within Oct-Nov 2025. Multi-firm concurrent review compensates for each individual firm's narrow time window.
Governance & admin Yellow 22 24 of 24
RD-F-032 red Timelock duration on upgrades TimelockController 0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2 minDelay = 0 seconds (0 hours). Confirmed from Etherscan constructor args: Arg [0]: minDelay (uint256): 0. Zero delay means any queued operation can be executed immediately in the same block as scheduling. No evidence that updateDelay() was called post-deploy (28 total transactions, none identified as updateDelay). At $535M TVS, a zero-delay timelock provides no meaningful execution protection.
RD-F-038 red Proposal execution delay < 24h TimelockController minDelay = 0 seconds. Effective execution delay after proposal pass = 0. This is below the 24h threshold. Any queued operation can be executed in the same block as scheduling, providing no meaningful window for community reaction or emergency intervention.
RD-F-028 yellow Low-threshold multisig vs TVL Protocol Admin Safe (MLSPEngL1) is 3-of-8 at $535M TVS. LST peer norm at this scale is 5-of-9 or higher (Rocket Pool 4-of-8, StakeWise 4-of-7). 3 signers can authorize day-to-day operations. Security Council Safe (6-of-14) has adequate threshold for Timelock PROPOSER role. The 3-of-8 protocol admin threshold is below peer norm for this TVS band.
RD-F-031 yellow Signer rotation recency MLSPEngL1 (Protocol Admin Safe) deployed 2026-01-26 — approximately 4 months before assessment date. This is a relatively new Safe with 115 nonce executions already (active). MSecCouncilL1 deployed 2023-05-08, nonce=78. MLSPEngL1 recency (4 months old) is a mild signer-rotation concern — track record is short.
RD-F-033 yellow Timelock on sensitive actions TimelockController exists and is structurally integrated (Security Council Safe as PROPOSER). However, minDelay=0 means the timelock provides no delay-based protection. Sensitive actions (upgrades, parameter changes) nominally route through the TimelockController but can execute immediately. Effectively functions as an organizational access-control layer without temporal protection.
RD-F-040 yellow Emergency-veto multisig present Security Council Safe (6-of-14) holds PROPOSER_ROLE and can queue operations including cancellations. Pauser contract provides emergency pause capability (immediate, no timelock). CANCELLER_ROLE current holder not definitively confirmed from public sources. Effective emergency veto exists via Pauser but the formal CANCELLER_ROLE holder is unverified.
RD-F-041 yellow Rescue/emergencyWithdraw without timelock No explicit emergencyWithdraw or rescue drain function in Staking.sol, METH.sol, or LiquidityBuffer. reclaimAllocatedETHSurplus() (STAKING_MANAGER_ROLE) retrieves surplus ETH from UnstakeRequestsManager — limited scope, not a full drain. Pauser contract enables immediate protocol halt (non-draining). forceMint() is a supply expansion risk (scored separately under F042). No single function can drain all staked ETH without timelock in one transaction. Overall: yellow for partial admin power without timelock (Pauser is immediate).
RD-F-042 yellow Admin has mint() with unlimited max METH.sol forceMint(address account, uint256 amount, bool excludeBlockList) is callable by MINTER_ROLE holder with NO supply cap in the token contract. The maximumMETHSupply check is in Staking.sol's stake() path only — forceMint() bypasses it entirely. MINTER_ROLE holder could mint unbounded mETH. Identity of current MINTER_ROLE holder is not publicly confirmed from on-chain reads or docs. Scored yellow (not red) because MINTER_ROLE holder identity is unverified — if holder is a timelocked multisig, severity reduces; if an EOA, this becomes critical.
RD-F-029 gray Multisig signers co-hosted Signer identities for both Safes are not publicly attested. 22 addresses across two Safes; no public documentation of signer identity, custody arrangement, or geographic distribution. Cannot determine co-hosting status.
RD-F-030 gray Hot-wallet signer flag 22 signer addresses retrieved from Safe API. No public attestation of signer identity or hardware/software custody type. Cannot assess hot-wallet behavior without known identities.
RD-F-037 n/a Quorum achievable via single-entity flash loan No on-chain Governor contract. Quorum concept does not apply to the current multisig+Snapshot architecture. Factor is not applicable until an on-chain Governor with token-weighted voting is deployed.
RD-F-044 gray Admin wallet interacts with flagged addresses Signer identities for Security Council and Protocol Admin Safes are not publicly attested. 22 addresses retrieved from Safe API. Cannot run Chainalysis-style flagged-address check without known signer identities.
RD-F-045 gray Constructor args match governance proposal TimelockController constructor args show minDelay=0. No corresponding governance proposal found in Mantle forum or Snapshot specifying the intended minDelay at deploy time. Cannot assess whether constructor args matched governance-stated values without a governance proposal record.
RD-F-047 gray Governance token concentration (Gini) COOK token: 5B supply; ~17.4% (~873M COOK) circulating at public launch (Oct 2024). No on-chain Governor. Governance concentration not assessable from public APIs — no on-chain vote records, no holder Gini data available at assessment time. Snapshot space bitdao.eth is off-chain signaling only.
RD-F-025 green Admin key custody type Governance is multisig+timelock. Security Council Safe (6-of-14) holds PROPOSER_ROLE on TimelockController. Protocol Admin Safe (3-of-8) executes day-to-day operations. Deployer renounced all roles via renounce_for_public.s.sol in November 2023. Category: multisig+timelock (minDelay=0 is a separate finding).
RD-F-026 green Upgrade multisig signer configuration (M/N) Security Council Safe: threshold=6, owner_count=14 (MSecCouncilL1, Safe 1.3.0). Protocol Admin Safe: threshold=3, owner_count=8 (MLSPEngL1, Safe 1.3.0). Both confirmed via Safe Transaction Service API.
RD-F-027 green Single admin EOA No EOA holds admin roles on live contracts. Deployer 0x207E804758e28F2b3fD6E4219671B327100b82f8 renounced PROPOSER_ROLE, EXECUTOR_ROLE, CANCELLER_ROLE, and DEFAULT_ADMIN_ROLE on TimelockController and core contracts via renounce_for_public.s.sol in November 2023. All live privileged actions require Security Council Safe (6-of-14) quorum to propose through TimelockController.
RD-F-034 green Guardian/pause-keeper distinct from upgrader Pauser contract (0x29Ab878aEd032e2e2c86FF4A9a9B05e3276cf1f8) is a dedicated pause-management contract separate from the upgrader (TimelockController/Security Council Safe). Pause can halt protocol immediately without going through the Timelock upgrade path. Role separation between pause-keeper and upgrader is present.
RD-F-035 green Role separation: upgrade ≠ fee ≠ oracle Staking.sol defines 6 distinct roles: STAKING_MANAGER_ROLE (parameters), ALLOCATOR_SERVICE_ROLE (fund allocation), INITIATOR_SERVICE_ROLE (validator init), STAKING_ALLOWLIST_MANAGER_ROLE, TOP_UP_ROLE, DEFAULT_ADMIN_ROLE. Upgrades routed through TimelockController (Security Council). Oracle is read-only. METH.sol adds MINTER_ROLE and BURNER_ROLE. Role functions are distinct.
RD-F-036 green Flash-loanable voting weight No on-chain Governor contract exists. COOK governance token introduced November 2024 but no binding on-chain Governor deployed as of 2026-05-16. Governance is via Snapshot (off-chain, bitdao.eth) plus multisig execution. Flash-loanable voting weight vulnerability does not exist in current architecture — no on-chain vote-weighted execution path.
RD-F-039 green delegatecall/call in proposal execution without allowlist No on-chain Governor or proposal execution contract with delegatecall path. TimelockController is OZ standard and executes direct function calls (not delegatecall). No user-supplied call targets in the governance execution path. Attack surface for delegatecall-based proposal execution does not exist in current architecture.
RD-F-043 green Admin = deployer EOA after 7 days Deployer 0x207E804758e28F2b3fD6E4219671B327100b82f8 renounced all roles on Timelock (PROPOSER, EXECUTOR, CANCELLER, DEFAULT_ADMIN) in November 2023 — within weeks of protocol launch (December 2023). No deployer EOA retains any live privileged role on core protocol contracts. Role transfer completed at launch.
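RD-F-032/RD-F-038 (minDelay = 0) and RD-F-027/RD-F-043 (deployer renounced all Timelock roles) are both plain on-chain reads that a reviewer can re-run at any time rather than trust a one-off Etherscan screenshot. The following Foundry fork test is an added example written for this review, not the project's own tooling: it reads getMinDelay() and the role assignments from an OpenZeppelin TimelockController and asserts the review policy. The 24-hour threshold and the environment variable names (MAINNET_RPC_URL, TIMELOCK_ADDRESS, DEPLOYER_ADDRESS) are assumptions; the addresses to put in them are the ones quoted in the factors above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "forge-std/Test.sol";

/// Subset of the OpenZeppelin TimelockController / AccessControl interface used here.
interface ITimelockController {
    function getMinDelay() external view returns (uint256);
    function hasRole(bytes32 role, address account) external view returns (bool);
    function PROPOSER_ROLE() external view returns (bytes32);
    function EXECUTOR_ROLE() external view returns (bytes32);
    function CANCELLER_ROLE() external view returns (bytes32);
    function DEFAULT_ADMIN_ROLE() external view returns (bytes32);
}

/// Run with: MAINNET_RPC_URL=<archive or full node> \
///           TIMELOCK_ADDRESS=0xc26016f1166bE7b6c5611AAB104122E0f6c2aCE2 \
///           DEPLOYER_ADDRESS=0x207E804758e28F2b3fD6E4219671B327100b82f8 \
///           forge test --match-contract TimelockPolicyCheck -vv
contract TimelockPolicyCheck is Test {
    // Review policy threshold (assumed for this check, not a protocol parameter).
    uint256 constant MIN_ACCEPTABLE_DELAY = 24 hours;

    ITimelockController timelock;
    address deployer;

    function setUp() public {
        vm.createSelectFork(vm.envString("MAINNET_RPC_URL"));
        timelock = ITimelockController(vm.envAddress("TIMELOCK_ADDRESS"));
        deployer = vm.envAddress("DEPLOYER_ADDRESS");
    }

    /// Fails while minDelay is 0, which is the current state reported in RD-F-032/RD-F-038.
    function test_minDelayMeetsReviewPolicy() public {
        uint256 delay = timelock.getMinDelay();
        console2.log("TimelockController minDelay (seconds):", delay);
        assertGe(delay, MIN_ACCEPTABLE_DELAY, "minDelay below 24h review policy");
    }

    /// Confirms RD-F-027/RD-F-043: the deployer EOA holds none of the Timelock roles.
    function test_deployerHoldsNoTimelockRoles() public {
        bytes32[4] memory roles = [
            timelock.PROPOSER_ROLE(),
            timelock.EXECUTOR_ROLE(),
            timelock.CANCELLER_ROLE(),
            timelock.DEFAULT_ADMIN_ROLE()
        ];
        for (uint256 i = 0; i < roles.length; i++) {
            assertFalse(timelock.hasRole(roles[i], deployer), "deployer still holds a Timelock role");
        }
    }
}
```

Because updateDelay() on an OZ TimelockController can only be called by the timelock itself (i.e. through a scheduled operation), a passing test_minDelayMeetsReviewPolicy after a future change would also be the on-chain evidence the RD-F-045 gray finding is currently missing.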
RD-F-046 green Contract unverified on Etherscan/Sourcify All core mETH Protocol contracts are source-verified on Etherscan: Staking proxy and implementation, mETH token proxy and implementation, Oracle, OracleQuorumManager, UnstakeRequestsManager, ReturnsAggregator, ConsensusLayerReceiver, ExecutionLayerReceiver, Pauser, TimelockController, both Gnosis Safe proxies, LiquidityBuffer proxy, L1cmETHAdapter. All verified at or near launch. No unverified core contracts identified.
RD-F-167 green Deprecated contract paused but pause reversible by live admin No deprecated mETH Protocol contracts identified holding material value (>$100K). Prior Staking implementation addresses (0x8B6c86D2... and 0xdecaCC56...) are retired implementation logic — they held no user funds themselves (proxy holds funds). No deprecated router or peripheral contract holding user assets found.
Oracle & external dependencies Green 18 17 of 17
RD-F-050 yellow Dependency graph (protocols depended upon) mETH core: depends on Oracle committee and Aave v3 for liquidity buffer. cmETH restaking: non-redundant structural dependencies on EigenLayer, Symbiotic, AND Karak simultaneously — all three restaking protocols must remain solvent for cmETH to maintain full value. Also depends on LayerZero Endpoint V2 for cmETH cross-chain. Multiple non-redundant external protocol dependencies are standard yellow for LRT-class protocols.
RD-F-051 yellow Fallback behavior on oracle failure On Oracle sanity check failure: protocol auto-pauses (no secondary oracle fallback). On quorum not reached: record not forwarded to Oracle; rate freezes at last valid record. Pending updates can be accepted/rejected by ORACLE_PENDING_UPDATE_RESOLVER_ROLE. No secondary oracle source configured. Pause is protective but halts all staking/unstaking.
RD-F-052 yellow Breakage analysis per dependency Oracle committee fail: mETH staking/unstaking halts; protocol pauses. Aave v3 fail: LiquidityBuffer ETH stuck; fast unstake queue builds. EigenLayer/Symbiotic/Karak slash: cmETH depegs below mETH parity. LayerZero DVN compromise (if 1-of-1 config): forged lzReceive releases ~$70.6M cmETH. Simultaneous failure of all three restaking protocols: cmETH value approaches zero. Multiple high-severity failure modes exist from external dependencies.
RD-F-059 yellow Oracle staleness check present Oracle.sol enforces finalization delay: rejects records where block.number < updateEndBlock + finalizationBlockNumberDelta (~64 blocks, ~2 epochs). This prevents use of unfinalized data. However, there is NO explicit heartbeat check for delivery staleness — if the oracle committee goes offline, the rate freezes at the last valid record indefinitely. Users relying on an up-to-date exchange rate would be operating on stale data without any protocol alarm.
RD-F-062 yellow External keeper/relayer not redundant OracleQuorumManager uses dual-threshold quorum (absoluteThreshold + relativeThresholdBasisPoints) — not single-reporter dependency. Multiple SERVICE_ORACLE_REPORTER role members configured. However: (a) initial constructor parameters showed absoluteThreshold=1, relativeThresholdBasisPoints=0 (current production values unverified), (b) if all reporters go offline simultaneously, rate freezes indefinitely. LiquidityBuffer rebalancing is admin-triggered (not a keeper). No third-party keeper for core operations.
RD-F-180 yellow Immutable oracle address [★ CRITICAL-CANDIDATE — held per PD-017; flag for T-14 post-launch promotion review] Oracle address in Staking.sol is declared as 'IOracleReadRecord public oracle' — a regular storage variable, NOT EVM immutable keyword. No setOracle() admin function exists: oracle cannot be replaced via a direct admin call. However, Staking is a TransparentUpgradeableProxy (impl 0x01a360392c74b5b8bf4973f438ff3983507a06a2, upgraded 2025-10-30): oracle address CAN be changed via proxy upgrade. Upgrade path: Protocol Admin Safe (3-of-8) -> TimelockController (minDelay=0s) -> upgrade. TimelockController has zero delay, meaning oracle could theoretically be changed in a single multisig transaction without any enforced user-exit window. This is YELLOW not RED: no EVM immutable keyword, and an upgrade path exists. Less severe than USD0++/USR (truly EVM-immutable oracle with no upgrade path). Curator must verify current TimelockController minDelay post-deploy.
RD-F-054 n/a TWAP window duration mETH does not use a TWAP oracle. The oracle mechanism is committee-based validator-accounting, not a DEX TWAP. TWAP window duration is not a relevant metric.
RD-F-055 n/a Oracle pool depth (USD) mETH oracle does not read from a DEX pool. No pool depth to measure. Oracle is committee-based validator-accounting.
RD-F-056 n/a Single-pool oracle (no medianization) mETH does not use a DEX pool oracle. Single-pool vs. medianization question is not applicable.
RD-F-060 n/a Chainlink aggregator min/max bound misconfig mETH Protocol does not consume any Chainlink price feed. The 19 Chainlink feeds in the data cache were confirmed false positives. No Chainlink aggregator min/max bounds to assess.
RD-F-061 n/a LP token balanceOf used for pricing No LP token balanceOf pricing used. mETH rate derived from Beacon Chain validator balances. cmETH rate from Accountant. No donation-manipulation vector via LP token balance.
RD-F-181 n/a Permissionless-pool lending oracle mETH Protocol is not a lending protocol. F181 (permissionless-pool lending oracle) applies only to lending protocols that accept spot prices from DEX venues with permissionless pool creation. mETH is a liquid staking protocol (protocol_type=lst).
RD-F-048 green Oracle providers used Custom internal committee oracle (OracleQuorumManager) for mETH/ETH rate. No Chainlink, Pyth, or DEX oracle consumed by mETH staking contracts. cmETH Accountant uses external rate providers via IRateProvider interface. The 19 Chainlink feeds in the data cache are confirmed false positives from a broad directory sweep — not consumed by mETH contracts.
RD-F-049 green Oracle role per asset ETH/mETH rate: OracleQuorumManager committee (Primary, sole source). cmETH/mETH rate: cmETH Accountant rate provider (Primary). Aave v3 WETH pricing: handled internally by Aave and not consumed by mETH Protocol contracts. Clear per-asset role mapping confirmed from source code.
RD-F-053 green Oracle source = spot DEX pool (no TWAP) [★ CRITICAL] mETH exchange rate is NOT derived from a DEX spot pool. Rate computed from Beacon Chain validator balance accounting via off-chain committee. Staking.sol::totalControlled() reads oracle.latestRecord() which returns currentTotalValidatorBalance and deposit accounting — Beacon Chain data, not a DEX price. No TWAP needed because no DEX pool is used. No flash-loan manipulation vector applies.
RD-F-057 green Circuit breaker on price deviation Oracle.sol _sanityCheckUpdate() acts as circuit breaker: protocol auto-pauses if Beacon Chain balance loss exceeds maxConsensusLayerLossPPM=1000 (0.1% per report), or gain is outside [minConsensusLayerGainPerBlockPPT, maxConsensusLayerGainPerBlockPPT], or validator count decreases abnormally. Failed sanity checks pause the protocol and mark the update as pending for resolver review.
RD-F-058 green Max-deviation threshold (bps) Consensus layer loss threshold: maxConsensusLayerLossPPM = 1000 (0.1% per oracle window). Gain bounded by maxConsensusLayerGainPerBlockPPT (parts-per-trillion per block). These thresholds are admin-configurable (ORACLE_MANAGER_ROLE) but checked on every oracle record submission. Threshold values are reasonable for validator-accounting use case.
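RD-F-057, RD-F-058 and RD-F-059 together describe three gates on an incoming oracle record: a finalization delay, a per-report loss cap in PPM, and a per-block gain band in PPT. The contract below is an added, simplified model written for this review to make those gates concrete; it is not Oracle.sol and omits the deposit/withdrawal accounting the real sanity check has to net out. The maxConsensusLayerLossPPM = 1000 and ~64-block finalization values are the ones quoted above; the gain bounds, the Record layout and the function/contract names are assumptions. It also makes the RD-F-059 point visible: nothing here fires if no record arrives at all.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative consensus-layer sanity check (simplified model, not mETH Protocol code).
/// A false result is what would trigger the auto-pause and route the record to
/// pending-resolver review described in RD-F-051/RD-F-057.
contract ConsensusLayerSanityCheck {
    uint256 public constant PPM = 1_000_000;           // parts per million
    uint256 public constant PPT = 1_000_000_000_000;   // parts per trillion

    // Admin-configurable thresholds (ORACLE_MANAGER_ROLE in the real protocol).
    uint256 public maxConsensusLayerLossPPM = 1000;    // 0.1% per report, value cited in RD-F-058
    uint256 public minConsensusLayerGainPerBlockPPT;   // assumed value, set in constructor
    uint256 public maxConsensusLayerGainPerBlockPPT;   // assumed value, set in constructor
    uint256 public finalizationBlockNumberDelta = 64;  // ~2 epochs, value cited in RD-F-059

    /// Assumed record shape: one reporting window plus the aggregate validator balance at its end.
    struct Record {
        uint256 updateStartBlock;
        uint256 updateEndBlock;
        uint256 currentTotalValidatorBalance; // wei
    }

    constructor(uint256 minGainPerBlockPPT, uint256 maxGainPerBlockPPT) {
        minConsensusLayerGainPerBlockPPT = minGainPerBlockPPT;
        maxConsensusLayerGainPerBlockPPT = maxGainPerBlockPPT;
    }

    /// Gate 1 (RD-F-059): refuse data that the beacon chain may not have finalized yet.
    function isFinalized(Record memory next) public view returns (bool) {
        return block.number >= next.updateEndBlock + finalizationBlockNumberDelta;
    }

    /// Gates 2 and 3 (RD-F-057/058): bound the balance delta against the previous record.
    /// Pure so it can be unit-tested without a chain; ignores principal deposits/withdrawals.
    function deltaWithinBounds(Record memory prev, Record memory next)
        public
        view
        returns (bool ok, string memory reason)
    {
        if (next.updateStartBlock <= prev.updateEndBlock) return (false, "window overlaps previous record");
        uint256 blocks = next.updateEndBlock - next.updateStartBlock + 1;
        uint256 prevBal = prev.currentTotalValidatorBalance;
        uint256 newBal = next.currentTotalValidatorBalance;

        if (newBal < prevBal) {
            // Loss cap is per report, independent of window length (multiply before divide).
            uint256 loss = prevBal - newBal;
            if (loss * PPM > prevBal * maxConsensusLayerLossPPM) {
                return (false, "loss exceeds maxConsensusLayerLossPPM");
            }
            return (true, "");
        }

        // Gain band scales with the number of blocks in the window.
        uint256 gain = newBal - prevBal;
        uint256 minGain = (prevBal * minConsensusLayerGainPerBlockPPT * blocks) / PPT;
        uint256 maxGain = (prevBal * maxConsensusLayerGainPerBlockPPT * blocks) / PPT;
        if (gain < minGain) return (false, "gain below minConsensusLayerGainPerBlockPPT");
        if (gain > maxGain) return (false, "gain above maxConsensusLayerGainPerBlockPPT");
        return (true, "");
    }

    /// Combined verdict a receiving function would branch on: accept, or pause and park as pending.
    function sanityCheck(Record memory prev, Record memory next)
        external
        view
        returns (bool ok, string memory reason)
    {
        if (!isFinalized(next)) return (false, "record not yet finalized");
        return deltaWithinBounds(prev, next);
    }
}
```

Worked numbers under this model: with a previous balance of 500,000 ETH, a report showing 499,400 ETH is a 1,200 PPM loss and fails the 1,000 PPM cap, while 499,600 ETH (800 PPM) passes. The absence of any time-based gate is deliberate to mirror the finding: a consumer that needs freshness must compare the last accepted record's updateEndBlock against block.number itself.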
Economic risk Yellow 33 13 of 13
RD-F-063 yellow TVL (current + 30d trend) TVL $535M as of 2026-05-16; -21.95% 30-day change; -44% from ~$965M 90 days prior; -74% from $2.10B peak (2024-03-07). Coefficient of variation over trailing 90 days is 7.2% (std $44M, mean $609.9M) — moderate volatility in percentage terms but the trend is directionally down and sustained. 100% Ethereum L1; 100% ETH/ETH-derivative composition (no stablecoin or long-tail collateral risk). Scored yellow for sustained steep decline from peak and ongoing negative trend, despite healthy absolute TVL level ($535M).
RD-F-064 yellow TVL concentration (top-10 wallet share) Top-25 holders concentrate 96.4% of mETH total supply per Prisma Risk 2024 collateral assessment. Additionally 35.7% of mETH supply is restaked into EigenLayer and 20% deposited on Mantle L2, creating layered concentration. Total holder count is 10,687 per Etherscan. The top-10 specific share is not independently verified but is directionally consistent with a highly concentrated distribution (96.4% in top-25 implies likely 80-90%+ in top-10). Scored yellow: concentration is high but characteristic of an institutional-grade LST in growth phase; not catastrophically concentrated in a single address.
RD-F-065 yellow Liquidity depth per major asset Secondary-market liquidity for mETH is thin and single-venue dependent. Uniswap v3 WETH/mETH pool holds approximately $15.6M TVL (Prisma Risk 2024 assessment); a $5.5M swap produces ~1% slippage. Only Bybit offers spot mETH/ETH and mETH/USDT pairs on CEX. Native protocol redemption requires 4-8 days via validator exit queue (standard path); LiquidityBuffer fast-path targets 24h but is capped at approximately 20% of TVL (~$107M at current TVL) and reverts to queue-based exit if exhausted. A documented secondary-market depeg event occurred March 2024 when the Double Dose Drive incentive program ended and exit-queue lengths rose — the mETH basis widened materially. No active depeg at assessment date; exchange rate ~1.09 ETH/mETH reflects accumulated rewards. Scored yellow: thin DEX liquidity creates redemption reliance on native protocol; fast-path capacity is finite.
RD-F-066 n/a Utilization rate (lending protocols) mETH Protocol is a liquid staking protocol (protocol_type: lst), not a lending protocol. There are no supply/borrow markets, no utilization rate, and no borrow/supply structure. N/A per PD-024 (lending-specific factors).
RD-F-067 n/a Historical bad-debt events No lending book, no borrow positions, no bad debt concept applicable to mETH. N/A per PD-024 (lending-specific factors).
RD-F-068 n/a Collateralization under stress No collateral/borrow model; no collateralization ratio concept applicable. mETH is 100% backed by staked ETH at all times (exchange rate = totalControlled ETH / mETH supply). N/A per PD-024.
RD-F-069 n/a Algorithmic / under-collateralized stablecoin mETH is a staking receipt token (value-accruing LST backed by Ethereum validator rewards). It is not an algorithmic or under-collateralized stablecoin. The exchange rate is backed 1:1+ by staked ETH at all times. N/A per PD-024 taxonomy classification.
RD-F-070 n/a Empty cToken-style market (zero supply/borrow) RD-F-070 is the critical (★) empty-cToken-market factor for the Compound V2 fork donation/share-inflation exploit pattern. mETH Protocol is an original-design Ethereum LST — not a Compound V2 fork and not any variant of a share-based lending market. There are no cToken-style markets to enumerate, no totalSupply==0 / totalBorrow==0 condition to evaluate, and no first-depositor share-inflation vector in the staking architecture. The exchange rate is determined by a committee oracle reporting aggregate validator ETH balances, not by a share/deposit accounting formula. N/A rationale: taxonomy §Category 4 explicitly marks F070 as Compound-fork-only; 00-profile.md §5 confirms original design with no fork lineage.
RD-F-071 n/a Seed-deposit requirement for new market listing Seed-deposit requirement is a lending-market listing concept. mETH does not list new markets; it is a single-asset staking pool. N/A per PD-024.
RD-F-072 n/a Market-listing governance threshold Market-listing governance threshold is a lending-protocol concept. mETH does not add new lending markets. N/A per PD-024.
RD-F-073 n/a Oracle-manipulation-proof borrow cap Oracle-manipulation-proof borrow cap requires a borrow market. mETH has no borrow positions. N/A per PD-024.
RD-F-074 n/a ERC-4626 virtual-share offset (OZ ≥4.9) mETH is not an ERC-4626 vault. The Staking contract uses a custom exchange-rate formula (mETH = (1 - exchangeAdjustmentRate) * (mEthSupply / totalControlled) * ethAmount) set by a committee oracle. The ERC-4626 virtual-share offset pattern (OZ >= 4.9 _decimalsOffset) is inapplicable to this architecture. N/A per PD-024 taxonomy classification.
RD-F-075 n/a First-depositor / share-inflation guard mETH uses a global staking pool with a committee-oracle-set exchange rate across all depositors. There is no per-market share-accounting formula susceptible to first-depositor inflation. No 'first depositor to a new market' scenario exists in this LST architecture. N/A per PD-024 and taxonomy §Category 4 note.
Operational history Green 12 15 of 15
RD-F-089 red Insurance coverage active No active insurance coverage proportionate to $535M TVL found through Nexus Mutual, Sherlock, or Unslashed. The Immunefi bug bounty ($500K max critical) is researcher incentive, not indemnification. Max bounty = 0.09% of current TVL — materially thin. No Nexus Mutual cover product for mETH found. No Sherlock audit-plus-cover pairing found. No Unslashed listing found. Near-default red for LSTs at this scale per process-learnings.
RD-F-084 yellow TVL stability (CoV over 90d) Trailing 90-day TVL (2026-02-14 to 2026-05-16) declined from ~$965M–$991M to $535M — a 44% drawdown. The 30-day change per cache is -21.95% and 1-day change is -3.99%. Estimated coefficient of variation (sigma/mu) over the 90-day window is approximately 0.20–0.25, elevated for a liquid staking protocol at this scale. Scored yellow. Note: some variation is attributable to ETH price decline and net redemptions after the Methamorphosis campaign drew TVL toward cmETH.
RD-F-081 gray Post-exploit response score No protocol exploit has occurred; post-exploit response score is not triggered. Scored gray per methodology (factor only scored when incident exists). Qualitative note: the Feb 2025 Bybit incident (external CEX event) showed the team activated cmETH pause, coordinated with SEAL911/Hexagate/Blocksec, recovered $43M in cmETH, and published a post-mortem in <48 hours — consistent with a 4-of-5 response quality score were this a protocol incident. Not scored on this factor.
RD-F-082 gray Post-mortem published within 30 days No protocol exploit occurred; no post-mortem obligation triggered. Scored gray. The Mantle Group blog published a post-mortem of the Bybit CEX incident response within 48 hours of Feb 21 2025 — under the 30-day threshold — but this is an external CEX event response, not a protocol exploit post-mortem.
RD-F-083 gray Auditor re-engaged after last exploit No prior exploit occurred; auditor re-engagement obligation not triggered. Scored gray. Note: the protocol maintains an active multi-firm audit cadence (16 audit engagements across 6 firms including Oct–Nov 2025 LiquidityBuffer audits by Exvul, Blocksec, Hexens, MixBytes), demonstrating ongoing security investment irrespective of incidents.
RD-F-085 gray Incident response time (minutes) No prior protocol incident; incident response time is undefined. Scored gray. Qualitative proxy from Feb 2025 Bybit event: mETH team mobilized cmETH pause within hours of notification on Feb 21–22 2025 and completed recovery operations within ~24–48 hours.
RD-F-076 green Protocol age (days) mETH Protocol permissionless mainnet launch 2023-12-04 (TimelockController deployed 2023-11-08). As of 2026-05-16, approximately 528 days live (~17.6 months), exceeding the 12-month A-grade eligibility threshold. Protocol has been continuously operational with no material downtime.
RD-F-077 green Prior exploit count Zero distinct security incidents affecting mETH Protocol. Hacksdatabase grep (all 23 batches, case-insensitive for 'meth', 'mantle', 'cmeth', 'bitdao') returned no mETH Protocol exploits. Data cache rekt.incidents:[] and defillama.hacks:[] both empty. OSINT sweep confirmed no protocol-level exploit. Feb 2025 Bybit hack involved mETH/cmETH tokens held in Bybit CEX custody — not a protocol exploit; the mETH team participated in recovery with no user fund loss.
RD-F-078 green Chronic-exploit flag (≥3 incidents) Chronic flag is false — zero incidents on record, far below the threshold of 3. See RD-F-077 evidence.
RD-F-079 green Same-root-cause repeat exploit No same-root-cause repeat exploit possible — zero incidents on record. Chronic pattern check is N/A.
RD-F-080 green Days since last exploit No prior exploit on record; days-since-last-exploit is undefined (not 0). Treated as green per no-incident precedent. See RD-F-077.
RD-F-086 green Pause activations (trailing 12 months) One deliberate pause activation in the trailing 12+ months: cmETH withdrawals paused on Feb 21–22 2025 in response to the Bybit Lazarus Group hack (15,000 cmETH targeted for unauthorized withdrawal). The pause was appropriate, brief, and led to $43M recovery with no user fund loss. No other pause activations found. Deliberate security-motivated pause with rapid resolution is consistent with green.
RD-F-087 green Pause > 7 consecutive days No pause exceeding 7 consecutive days found. The Feb 2025 cmETH pause was resolved within approximately 24–48 hours per the Mantle Group blog post-mortem. No other extended pause events found in 29-month operational history.
RD-F-088 green Re-deployed to new addresses in last year No contract-set redeployment (new addresses retiring old ones) in the trailing 12 months. The Staking contract (0xe3cBd06D7dadB3F4e6557bAb7EdD924CD1489E8f) upgraded in-place via TransparentUpgradeableProxy (last implementation swap 2025-10-30) — an upgrade, not a redeployment. LiquidityBuffer/PositionManagerAAVE received 4-firm audit coverage Oct–Nov 2025 for continued use of existing contracts.
RD-F-166 green Deprecated contracts still holding value No officially deprecated mETH Protocol contracts found holding material value. The 'Mantle LSP' to 'mETH Protocol' rebrand was a naming change, not a contract-level deprecation with stranded funds. The Staking contract was upgraded in-place (TransparentUpgradeableProxy, same address). Docs page lists three current contract modules (Staking/mETH, Restaking/cmETH, COOK) with no deprecated designations. No legacy v1 address set with residual TVL identified in any on-chain or documentation source.
Real-time signals Green 3 22 of 22
RD-F-102 yellow Admin/upgrade transaction in mempool Admin/upgrade transaction appearing in mempool. T-09 v1, Phase 2, Tier B. Applicable: yes — Staking contract (0xe3cBd06D7dadB3F4e6557bAb7EdD924CD1489E8f, TransparentUpgradeableProxy) and L1cmETHAdapter (0x4aFA9620D0B79137383A7A9AB3477837d475e948) are upgradeable proxies. CRITICAL POSTURE FINDING: TimelockController minDelay=0 means any admin upgrade tx submitted by the multisig has no enforced delay window. T-09 suppression rule (a) — tx originates from a timelock that is fed by a queued+ripe governance proposal — cannot suppress here because any queued operation is immediately ripe (minDelay=0). The Tier-B 48h hysteresis window is also compressed: by the time an alert fires, the tx may already be mined. No active admin tx in mempool at assessment time (last confirmed upgrade: Staking contract 2025-10-30). Score yellow: the zero-delay posture means this signal would fire with no warning window — structurally elevated even without an active fire.
RD-F-093 n/a Abnormal gas-price willingness from attacker wallet Abnormal gas-price willingness from attacker wallet. v1-deferred. Requires identified attacker wallet and real-time mempool monitoring. No attacker wallet has been identified for mETH (no incidents). Cannot assess without TI feed and live mempool access.
RD-F-096 n/a New ERC-20 approval to unverified contract from whale New ERC-20 approval to unverified contract from high-TVL user. v1-deferred. Requires live on-chain monitoring of top-TVL user approvals — not assessable at static dry-run tier. No specific public flag for mETH. Gray per methodology gap.
RD-F-099 gray Oracle price deviation >X% from secondary Oracle price deviation >X% from secondary source. T-09 v1, Phase 2. mETH uses a custom committee oracle (OracleQuorumManager at 0x92e56d2146D54d5AEcB25CA36c89D027a6ea0D90) that reports ETH validator-accounting balances — not a Chainlink spot feed or DEX price. The T-09 secondary-source cross-check architecture does not directly apply to a committee-based validator-accounting oracle. The LiquidityBuffer via Aave v3 may consume Chainlink indirectly but this path is not mapped. Gray: signal architecture mismatch for core oracle; partial applicability via LiquidityBuffer not yet established.
RD-F-101 gray Large governance proposal queued Large governance proposal execution queued. T-09 v1, Phase 1 (launch). No on-chain Governor contract exists (governor_address: null confirmed). COOK token introduced Nov 2024 but no Governor deployed at assessment date. All governance executes via MLSPEngL1 multisig (3-of-8) or MSecCouncilL1 multisig (6-of-14) through TimelockController (minDelay=0). T-09 signal monitors on-chain ProposalCreated events — these are not emitted by multisig execution. CRITICAL NOTE: TimelockController minDelay=0 means any operation scheduled becomes immediately executable — if a governor were deployed, the signal would have near-zero lead time. Gray: no governor contract; signal not directly applicable in current architecture.
RD-F-103 gray Bridge signer-set change proposed/executed Bridge signer-set change proposed/executed. T-09 v1, Phase 1 (launch), Tier A. Applicable: yes — cmETH LayerZero OFT adapter (0x4aFA9620D0B79137383A7A9AB3477837d475e948) holds ~$70.6M and is a bridge surface; DVN config is the signer-set equivalent. DVN configuration not confirmed via public data (data-cache layerzero.present=false is a confirmed false negative per profile). No bridge signer change event detected in public data. Gray: DVN config baseline not established; requires direct LayerZero endpoint query.
RD-F-104 n/a Stablecoin depeg >2% on shared-LP venue Stablecoin depeg >2% on venues with shared LP. T-09 v1, Phase 1. NOT APPLICABLE: mETH Protocol is an ETH liquid staking protocol holding ETH, not stablecoins. The LiquidityBuffer on Aave v3 is ETH-denominated. No stablecoin collateral exceeds the 5% of protocol TVL threshold required for this signal to apply. Structural protocol-type mismatch: this signal is designed for protocols with material stablecoin dependency.
RD-F-107 n/a Admin EOA signing from new geography/device Admin EOA signing from new geography / device fingerprint. v1-deferred. Off-chain signing telemetry not available at public OSINT tier. Requires partner feed (MPC / session-key provider telemetry). Not assessable at static dry-run tier.
RD-F-109 n/a Social-media impersonation scam spike Social-media impersonation scam-spike. v1-deferred. Applicable: yes — Mantle/@0xMantle has significant brand recognition. No specific mETH-targeted scam-spike event detected in OSINT at assessment time. General DeFi impersonation scam rate elevated in 2025-2026 (1,400% YoY increase per industry reports) but no mETH-specific spike documented. Requires social-media monitoring feed for production assessment.
RD-F-110 n/a Unusual pending/executed proposal ratio Unusual pending/executed governance proposal ratio. T-09 phase-2 signal tier. NOT APPLICABLE: no on-chain Governor contract exists for mETH Protocol. Governance is multisig + Snapshot (bitdao.eth). T-09 signal monitors on-chain ProposalCreated / ProposalQueued events which are not emitted by multisig execution. COOK governance token introduced Nov 2024 but no Governor deployed. Not applicable by protocol architecture.
RD-F-090 green Mixer withdrawal → protocol interaction Mixer withdrawal -> mETH protocol interaction signal. T-09 v1, Phase 2, Tier C (advisory only; no grade impact). Deployer 0x207E804758e28F2b3fD6E4219671B327100b82f8 funded by 0x2f44bd2a54ac3fb20cd7783cf94334069641dac9 (labeled Mantle: Network L1 Safe — no mixer hop). No public attribution of mixer-wallet interacting with mETH core contracts within trailing 30 days. Requires licensed wallet-clustering feed for full confirmation. Threshold: withdrew from Tornado Cash / Railgun within 30d AND interacts with mETH core contracts >$100k AND confirmed by >=2 attribution sources. None of these conditions met from public data.
RD-F-091 green Partial-drain test transactions Partial-drain test transactions. T-09 phase-2 signal tier. No prior incidents in mETH history (DefiLlama hacks: empty, Rekt: empty). No test-drain pattern or small-value precursor transactions detected in public data. Protocol has a Pauser contract (0x29Ab878aEd032e2e2c86FF4A9a9B05e3276cf1f8) that could respond to such a pattern.
RD-F-092 green Unusual mempool pattern from deployer wallet Unusual mempool pattern from deployer wallet. T-09 phase-2 signal tier. Deployer 0x207E804758e28F2b3fD6E4219671B327100b82f8 is a signer on the protocol admin multisig (MLSPEngL1). Multisig execution patterns appear as Safe multi-sign transactions rather than bare EOA mempool patterns, making this signal less applicable. No unusual deployer-wallet activity detected in public data.
RD-F-094 green New contract with similar bytecode to exploit template New contract deployment with similar bytecode to protocol target. T-09 phase-2 signal tier. mETH uses purpose-built original contracts (not a fork — profile §5 confirms no fork lineage). Exploit-template bytecode similarity scans targeting mETH-class LST architecture are not documented in public data. Lower risk than Compound-fork protocols where exploit templates are well-catalogued.
RD-F-095 green Known-exploit function-selector replay Specific function-selector call-pattern (known-exploit replay). T-09 phase-2 signal tier. No known-exploit-template selector replay pattern targeting mETH documented in public data. No prior incidents that would seed a replay template.
RD-F-097 green Sybil surge of identical-pattern transactions Sybil surge of identical-pattern transactions. T-09 phase-2 signal tier. No sybil transaction burst pattern targeting mETH detected in public data. Protocol TVL decline is secular (market conditions), not a sybil-indicative event pattern.
RD-F-098 green TVL anomaly — % drop in <1h TVL anomaly — % drop in <1h vs 30d baseline. T-09 v1, Phase 1 (launch), Tier A. Threshold: TVL_now / TVL_baseline_30d < 0.70 over 60-minute window. Current TVL $535M; 30d trend -21.95% (secular market decline). Estimated 30d baseline median approximately $680M. Current ratio approximately 0.79, above the 0.70 trigger threshold. The 90d decline from ~$965M is a sustained gradual trend, not an acute drain event. No single-hour >30% TVL drop event detected.
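The RD-F-098 rule (TVL_now / TVL_baseline_30d < 0.70 inside a 60-minute window) as detection logic, an added Python example rather than the assessment's own tooling. It takes the 30-day baseline as the median of daily readings (an assumption consistent with the "baseline median" wording above), compares it against the lowest reading in the last hour so a drain that partially reverses within the hour is still caught, and separates an acute drain from the secular decline described in the factor text. The TVL series is constructed, not the protocol's real history.

```python
from statistics import median

TRIGGER_RATIO = 0.70   # TVL_now / TVL_baseline_30d below this fires the signal


def tvl_anomaly(baseline_samples, last_hour_readings):
    """RD-F-098 rule. baseline_samples: ~30 days of TVL readings (USD);
    last_hour_readings: readings taken inside the 60-minute window.
    Returns (ratio, fired); ratio is None when there is no usable data."""
    if not baseline_samples or not last_hour_readings:
        return None, False
    baseline = median(baseline_samples)   # median is robust to one bad sample
    if baseline <= 0:
        return None, False
    ratio = min(last_hour_readings) / baseline
    return ratio, ratio < TRIGGER_RATIO


def classify(baseline_samples, last_hour_readings, secular_threshold=0.20):
    """Separate an acute drain (signal fires) from a secular decline
    (large 30-day drift, but no single-hour collapse) and from noise."""
    ratio, fired = tvl_anomaly(baseline_samples, last_hour_readings)
    if ratio is None:
        return "no-data"
    if fired:
        return "acute"
    drift = 1 - last_hour_readings[-1] / baseline_samples[0]
    return "secular" if drift > secular_threshold else "none"


def constructed_daily_series(start_usd, end_usd, days=30):
    """Linear daily decline from start to end; constructed sample data."""
    step = (end_usd - start_usd) / (days - 1)
    return [start_usd + i * step for i in range(days)]


if __name__ == "__main__":
    # Constructed: a gradual slide from $830M to $545M over 30 days, then a $535M reading.
    series = constructed_daily_series(830e6, 545e6)
    print(classify(series, [535e6]))                 # secular: ratio ~0.78, above 0.70
    print(classify(series, [535e6, 470e6, 400e6]))   # acute: lowest reading is 0.58 of baseline
```

Because the baseline is a trailing median, a slow decline pulls the baseline down with it, which is what keeps this rule quiet for market-driven outflows and reserves it for sudden drains.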
RD-F-100 green Flash loan >$10M targeting protocol tokens Flash loan >$10M targeting protocol tokens. T-09 v1, Phase 2. mETH staking has no on-chain governor (COOK governance token exists but no Governor contract deployed). Flash loans cannot directly lever governance in the standard Beanstalk/Audius attack pattern. cmETH BoringVault interacts with EigenLayer/Symbiotic but flash-loan attack vector against these positions is not documented. No flash-loan event targeting mETH contracts detected in public data.
RD-F-105 green DNS/CDN/frontend hash drift DNS / CDN / frontend change detected (hash drift). T-09 v1, Phase 2, Tier A. Applicable: yes — methprotocol.xyz is the primary frontend. No DNS anomaly, TLS cert change, or frontend hash drift detected via public OSINT at assessment time. methprotocol.xyz operational. No documented CDN compromise or DNS hijack event for Mantle/mETH. Production monitoring stack (Phase 2 infrastructure) not yet deployed. WHOIS for methprotocol.xyz returned no data (privacy protection suspected — not a clean result for domain registration monitoring). Signal would need the full monitoring stack to be meaningful; current state: no active drift detected.
RD-F-106 green Cross-chain bridge unverified mint pattern Cross-chain bridge tx pattern (deposit src, mint dst without proof). T-09 phase-2 signal tier. Applicable: cmETH LayerZero OFT adapter bridges cmETH between Ethereum L1 and Mantle Network. LayerZero OFT is designed to mint on destination via DVN attestation — not a Nomad-style default-root vulnerability. No unverified mint event reported in public data.
RD-F-108 green GitHub force-push to sensitive branch GitHub force-push / sensitive-branch push. T-09 phase-2 signal tier. github.com/mantle-lsp/contracts: no force-push event documented at assessment time. Last commit 2026-04-15 per profile. Production monitoring requires per-protocol GitHub permissioned access per T-09 §3.3. No public evidence of unauthorized branch push.
RD-F-182 green Security-Council threshold reduction (RT) Security-Council threshold reduction event (batch-24, Cat 6B, T-09 v1.1 candidate). Applicable: yes — Security Council (MSecCouncilL1 at 0x4e59e778a0fb77fBb305637435C62FaeD9aED40f) is a 6-of-14 Safe multisig; Protocol Admin (MLSPEngL1 at 0x432ABcCb04DdD86Db9aA91FA3E03Fb566270c9ff) is a 3-of-8 Safe multisig. Signal fires on threshold reduction, timelock removal, or new-signer addition within 14 days. CRITICAL CALIBRATION NOTE: TimelockController minDelay=0 means the Drift comparator (6-day window between SC threshold reduction and exploit) does not apply — for mETH, any threshold reduction could be followed immediately by malicious operation. Current posture: Security Council threshold 6-of-14 (confirmed via Safe API data cache, retrieved 2026-05-16); Protocol Admin threshold 3-of-8 (confirmed). No threshold reduction events reported. Score green: no threshold change at assessment time. Monitoring this signal is especially high-priority given zero-delay timelock architecture.
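A signer-set and timelock posture monitor for the RD-F-182 rule (threshold reduction, timelock removal, or new-signer addition within 14 days), which also surfaces the zero-delay timelock point made under RD-F-102. This is an added Python example, not the assessment tooling; the Safe fields (owners, threshold) and TimelockController minDelay are real concepts, but every snapshot value below is constructed and the signer labels are placeholders, not the MSecCouncilL1 or MLSPEngL1 signer sets.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

DAY = 86_400
LOOKBACK = 14 * DAY     # RD-F-182 event window


@dataclass(frozen=True)
class GovSnapshot:
    """One observation of a Safe's signer set plus the timelock in front of it."""
    ts: int                             # unix time of the observation
    owners: FrozenSet[str]              # Safe owners
    threshold: int                      # Safe threshold (k of len(owners))
    timelock_min_delay: Optional[int]   # TimelockController minDelay (s); None = no timelock


def diff_snapshots(prev: GovSnapshot, cur: GovSnapshot) -> List[str]:
    """Event-driven alerts between two consecutive observations."""
    alerts = []
    if cur.threshold < prev.threshold:
        alerts.append(f"threshold_reduced:{prev.threshold}->{cur.threshold}")
    added = cur.owners - prev.owners
    if added:
        alerts.append("signer_added:" + ",".join(sorted(added)))
    if prev.timelock_min_delay is not None and cur.timelock_min_delay is None:
        alerts.append("timelock_removed")
    elif (prev.timelock_min_delay or 0) > (cur.timelock_min_delay or 0):
        alerts.append(f"timelock_delay_reduced:{prev.timelock_min_delay}->{cur.timelock_min_delay}")
    return alerts


def structural_flags(cur: GovSnapshot) -> List[str]:
    """Posture flags that hold regardless of recent events: with minDelay=0
    an alert on a queued operation gives no lead time before execution."""
    flags = []
    if cur.timelock_min_delay is None:
        flags.append("no_timelock")
    elif cur.timelock_min_delay == 0:
        flags.append("zero_delay_timelock")
    return flags


def evaluate(history: List[GovSnapshot], now: int) -> dict:
    """Diff consecutive snapshots; report only events inside the 14-day window
    plus the standing posture of the latest snapshot."""
    ordered = sorted(history, key=lambda s: s.ts)
    events = []
    for prev, cur in zip(ordered, ordered[1:]):
        if cur.ts >= now - LOOKBACK:
            events.extend(diff_snapshots(prev, cur))
    return {"events": events, "posture": structural_flags(ordered[-1]) if ordered else []}


if __name__ == "__main__":
    # Constructed: a 6-of-14 council with a zero-delay timelock, then a cut to 4-of-15.
    now = 1_780_000_000
    signers = frozenset(f"signer{i:02d}" for i in range(1, 15))
    history = [
        GovSnapshot(now - 40 * DAY, signers, 6, 0),
        GovSnapshot(now - 5 * DAY, signers | {"signer15"}, 4, 0),
    ]
    print(evaluate(history, now))
```

The posture flag is reported separately from events on purpose: a threshold reduction on a Safe behind a 48-hour timelock leaves a response window, while the same reduction behind a zero-delay timelock does not, so the two need different handling even though the event itself is identical.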
Dev identity & insider risk Green 11 16 of 16
RD-F-112 yellow Team public accountability surface Named executives (Jordi Alexander, Arjun Kalsy, Yaxi Zhu, Thomas Chen, Brian Trunzo) have verifiable LinkedIn histories, prior employer references (BitGo, Polygon, Bybit, Morgan Stanley, Goldman Sachs), and conference appearances. Protocol engineers (GitHub pseudonymous handles) have no independently verifiable public identity beyond commit history. Yellow because engineering team accountability surface is low despite strong leadership accountability.
RD-F-116 yellow Contributor tenure at admin-permissioned PR GitHub PR #7 ('add-new-admin-broadcast LSPMultiSig and MantleCouncil') was authored by 'shidaxi' (7 total contributions to repo) and approved by 'Sha3nS' (4 total contributions), merged 2023-11-02. No description provided in PR. These handles are pseudonymous with modest repo histories; their real tenure and employer context are not verifiable. Yellow because admin-permissioned changes are authored by low-contribution pseudonymous handles without verifiable tenure.
RD-F-121 yellow Contributor OSINT depth score Named executives score 4-5/5 on OSINT depth (LinkedIn histories, multiple prior employers, conference records, media presence). Protocol engineers (pseudonymous GitHub handles) score 1-2/5 (only commit history available; no LinkedIn, no conference presence verifiable). Weighted by code-access role: overall OSINT depth ~2.5/5, driving yellow. The gap between leadership accountability and engineering-team accountability is the key finding.
RD-F-123 yellow Sudden admin-rescue/ACL change without discussion Three signals drive yellow: (1) Protocol Admin Safe (MLSPEngL1, 0x432ABcCb04DdD86Db9aA91FA3E03Fb566270c9ff) deployed 2026-01-26 with no corresponding governance forum discussion identified for this specific infrastructure change — no Mantle Forum thread or Snapshot vote found for the Jan 2026 admin Safe deployment; (2) TimelockController minDelay = 0 per constructor args and confirmed in docs — any admin role holder can execute changes immediately with no enforced delay window; (3) GitHub PR #7 ('add-new-admin-broadcast LSPMultiSig and MantleCouncil', merged 2023-11-02) had no description and no linked preceding issue. Mitigants preventing red: MIP-25 provided original governance sanction; docs openly acknowledge zero-delay timelock; Bybit hack response (Feb 2025) admin actions were crisis-driven and publicly disclosed. Not a 'sudden admin-rescue' without any governance context.
RD-F-117 gray ENS/NameStone identity bound to deployer No ENS name bound to deployer EOA 0x207E804758e28F2b3fD6E4219671B327100b82f8. Address is an organizational deployer labeled by Etherscan as 'Mantle: Deployer 1'; ENS binding to org deployers is not standard practice. Absence is expected and not a risk signal.
RD-F-119 gray Commit timezone consistent with stated geography Commit time-zone distribution analysis not conducted at programmatic level. Commit timestamps are distributed across business hours consistent with Asia/Middle East timezone (Mantle's known base: Dubai-based team members). No extreme anomaly (e.g., all commits 2–6 AM UTC consistent with DPRK hours) observed in manual review of visible commit set on GitHub. Not assessed at statistical-distribution level; gray.
RD-F-122 n/a Contributor paid to DPRK-cluster wallet mETH Protocol is a corporate-backed Mantle initiative. No on-chain payment streams or vesting contracts to individual contributor wallets were identified in scope of this assessment. Off-chain payroll (fiat or stablecoin via Mantle treasury) is the presumed payment mechanism. Cannot assess contributor wallet routing to DPRK cluster without on-chain payment stream evidence. Per protocol context: for off-chain-payroll companies, this factor is not assessable beyond the deployer unless on-chain payment streams exist. None found.
RD-F-184 gray Real-capital social-engineering persona No curator-flagged 'team contributor' or 'external integrator' persona with >=1M USD attributed real-capital deposits to mETH Protocol or peer protocols has been identified. The Drift Protocol comparator (UNC4736 deployed >$1M real capital as part of 6-month social-engineering build-up before $285M exploit) is not replicated here based on available OSINT. The Feb 2025 Bybit hack was an exchange-level Safe compromise by an external DPRK actor, not a slow-build social-engineering persona operating inside mETH Protocol. Marked gray: M-only factor requiring curator-level on-chain capital-flow analysis; no on-chain evidence to assess; absence-of-trace is not sufficient for green per F184 methodology.
RD-F-111 green Team doxx status Core Mantle leadership is substantially doxxed: Jordi Alexander (real name, INSEAD/UNC, LinkedIn, TOKEN2049 conference speaker, YouTube interviews, WSOP bracelet 2024), Arjun Kalsy (LinkedIn, Blockworks speaker, Forkast author, ex-VP Polygon), Yaxi Zhu (Bybit co-founder, Mirana Ventures partner, LinkedIn, @YaxiZhu), Thomas Chen (ex-MD BitGo), Brian Trunzo (ex-VP BD Polygon). Protocol-level engineers use pseudonymous GitHub handles (shellteo, Hecate2, shidaxi, Willyham, Sha3nS, BlueShells, pandainzoo). Categorical: real-name leadership with track record; pseudonymous engineers.
RD-F-113 green Team other-protocol involvement history No prior rug or exit-scam affiliations found for any named team member. Jordi Alexander: Selini Capital founder (systematic trading firm, active). Arjun Kalsy: prior VP Growth at Polygon (successful protocol, no rug). Yaxi Zhu: Bybit co-founder, Mirana Ventures (institutional crypto fund). Thomas Chen: ex-BitGo MD. Brian Trunzo: ex-Polygon VP BD. All protocol histories are clean or successful.
RD-F-114 green Deployer address prior on-chain history Deployer 0x207E804758e28F2b3fD6E4219671B327100b82f8 labeled 'Mantle: Deployer 1' on Etherscan. First transaction 2023-06-28 (ProxyAdmin creation, block 17575798). 920 total transactions showing institutional deployment pattern (contract deployments, Safe interactions, token approvals). No rug-deployer-class characteristics, no prior-rug-associated activity, funded from labeled Mantle infrastructure Safe.
RD-F-115 green Prior rug/exit-scam affiliation No rug or exit-scam affiliation found for any named team member or the deployer address. Web search for 'Mantle mETH rug exit scam' returned only generic rug-pull educational content and unrelated phishing sites (rewards.mantleweb3.xyz — a fake site, not Mantle-operated). No Rekt leaderboard entry for mETH (data cache rekt.incidents: []). No OSINT hit linking any team member to a prior rugged project.
RD-F-118 green Handle reuse across failed/rugged projects No evidence of GitHub handle reuse across prior rugged or failed projects for any of the 8 contributor handles (shellteo, Hecate2, shidaxi, Willyham, Sha3nS, BlueShells, cxkoda, pandainzoo). Named leadership (Jordi Alexander, Arjun Kalsy) have clean and publicly documented prior-protocol histories (Selini Capital, Polygon). No adverse social-handle reuse pattern detected.
RD-F-120 green Video-off/voice-consistency flag No video-off or voice-consistency flag. Jordi Alexander has multiple YouTube video interviews with full video (The Defiant podcast 2023, TOKEN2049 London 2022, TOKEN2049 Dubai 2025 keynote). Arjun Kalsy has Blockworks conference panel appearances. Yaxi Zhu publicly identified as Bybit co-founder with in-person conference presence. No pattern of camera-off or timezone-inconsistent voice detected.
RD-F-124 green Deployer wallet mixer-funded within 30 days Deployer 0x207E804758e28F2b3fD6E4219671B327100b82f8 ('Mantle: Deployer 1') funded from 0x2f44bd2a54ac3fb20cd7783cf94334069641dac9 ('Mantle: Network L1' — Gnosis Safe 1.3.0, labeled Mantle infrastructure on Etherscan). Funding occurred approximately 2 years 332 days before assessment (well outside the 30-day pre-deploy window). No Tornado Cash or Railgun interaction identified at 1-hop or 2-hop level. The 2-hop creator (0x34e17BaA...bebe237bE) is also a labeled Mantle ecosystem deployer with no mixer association. 30-day mixer-funded window does not trigger.
RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus No team-side DPRK or Lazarus cluster linkage found within 3 hops. The February 2025 Bybit hack involved DPRK-attributed actors (UNC4736/TraderTraitor) who stole approximately 8,000 mETH and 15,000 cmETH from Bybit's Safe wallet; Mantle acted as a third-party responder (blacklisted attacker wallet addresses, recovered $42M, froze cmETH). Per U4 rule: DPRK using mETH/cmETH as a passive drain venue does NOT contaminate team identity. No OFAC SDN listing found for Mantle, BitDAO, or any mETH-associated entity. Web OSINT search for Mantle BitDAO DPRK Lazarus developer insider returned no adverse team-side results. F125 green; Bybit hack context routed to Cat 11 (realtime-intel-analyst, F158).
Fork / dependency lineage Green 11 10 of 10
RD-F-133 yellow Dependency manifest uses unpinned versions .gitmodules uses branch-tracking for all submodules: openzeppelin-contracts (branch: v4.9.0), openzeppelin-contracts-upgradeable (no branch specified), aave-v3-origin (no branch specified), forge-std (no branch specified), openzeppelin-contracts-v5 (release-v5.0 branch). No submodule is pinned to an exact commit SHA. Branch-tracking submodules can drift if the upstream branch receives new commits. For OZ v4.9.0 (a final release of v4.x) the risk is lower since the branch is stable, but the pattern is technically unpinned at commit level. Yellow: OZ unpinned at commit level.
RD-F-126 n/a Is-a-fork-of Protocol confirmed as original codebase — not a fork. GitHub mantle-lsp/contracts has no fork declaration, 60-commit history with no upstream relationship. README: 'Mantle LSP is a permissionless ETH liquid staking protocol' — purpose-built contracts. Profile fork_lineage.is_fork: false.
RD-F-127 n/a Upstream patch not merged Not applicable — protocol is not a fork; no upstream exists to publish security patches.
RD-F-128 n/a Upstream vulnerability disclosure (last 90d) Not applicable — protocol is not a fork; no upstream disclosure to monitor.
RD-F-129 n/a Code divergence from upstream (%) Not applicable — protocol is not a fork; no fork-point upstream commit exists for divergence measurement.
RD-F-130 n/a Fork depth (generations from original audit) Not applicable — protocol is not a fork; fork depth is 0 by definition for an originally designed protocol.
RD-F-131 n/a Fork retains upstream audit coverage Not applicable — protocol is not a fork; upstream audit retention is moot for an original codebase.
RD-F-132 n/a Fork has different economic parameters than upstream Not applicable — protocol is not a fork; no upstream economic parameters to deviate from.
RD-F-134 green Dependency had malicious-release incident (last 90d) No known malicious-release incident in trailing 90 days (Feb-May 2026) affecting OZ v4.9.0, openzeppelin-contracts-upgradeable, forge-std, or aave-v3-origin. OZ v4.9.0 is a stable 2023 release with no active malicious-release advisory.
RD-F-135 green Shared-library version with known-vuln status Primary security-critical library: OpenZeppelin Contracts v4.9.0 (final v4 release, 2023-05). No high/critical GHSA advisory active for v4.9.0 as of 2026-05-16. aave-v3-origin is Aave's own well-maintained library with no known active advisory. forge-std is a testing utility (not production security-critical).
Post-deploy hygiene & change mgmt Yellow 21 13 of 13
RD-F-139 red Post-audit code changes without re-audit LiquidityBuffer (Aave v3 integration) was activated October 2024 per protocol docs but was only audited in October-November 2025 (Exvul 2025-10-20, Blocksec 2025-10-21, Hexens 2025-10-22, MixBytes 2025-11-13). Additionally, GitHub commit history shows active code changes (liquidity buffer improvements, security enhancements, position manager fixes) from June-October 2025, with concurrent audits in October 2025. The gap between the feature's activation and its first audit coverage represents material post-audit code deployment without re-audit — matching the Euler lineage (F138 ~8P) definition. The 2025-06-17 mETH token upgrade also occurs between the 2024 cmETH/BoringVault audits and the 2025 LiquidityBuffer audits with no confirmed audit coverage.
RD-F-136 yellow Deployed bytecode matches signed release tag GitHub mantle-lsp/contracts latest commit: 2025-10-31 (Merge PR #18 fix-pm). Staking proxy upgrade to 0x01a360392c74b5b8bf4973f438ff3983507a06a2 occurred 2025-10-30 (block 23689062) — one day before the final merge commit. Bytecode likely corresponds to the final merge, but no formal signed release tag verified. Match is plausible but not formally attested.
RD-F-141 yellow Test-mode parameters in deploy TimelockController minDelay=0 has characteristics of a test-mode configuration left in production. Zero delay is unusual for a $535M TVS protocol — most production timelocks use 24h-72h delays. No other obvious test-mode artifacts found (oracle appears production-grade, allowances normal). Zero-delay scored separately under F032/F038 but flagged here as a test-configuration signal.
RD-F-142 yellow Storage-layout collision risk across upgrades Three Staking proxy upgrades over ~29 months. The Oct 2025 upgrade introduced initializeV2() per GitHub source (standard OZ upgrade pattern). Storage layout collision analysis requires OZ upgrades plugin run — not performed at assessment time. Four concurrent audits (Exvul, Blocksec, Hexens, MixBytes, Oct-Nov 2025) likely checked storage layout. No documented collision; OZ plugin check deferred.
RD-F-145 yellow Deployed bytecode reproducibility GitHub provides Solidity source and foundry.toml, enabling build reproducibility in principle. No formal reproducibility claim, Docker build artifact, or reproducibility attestation published. No REPRODUCIBILITY.md in the mantle-lsp/contracts repo. Build reproducibility is achievable but not formally attested.
RD-F-185 yellow Bridge rate-limiter / chain-pause as positive mitigant cmETH L1cmETHAdapter (LayerZero OFT, ~$70.6M) shows no confirmed per-window rate-limiter in available contract data. mETH core LST has no bridge (Ethereum L1 only). Ethereum mainnet has no validator-executed emergency chain pause capability. The $70.6M cmETH bridge exposure lacks a confirmed rate-limiter mitigant. Factor evaluates as yellow (partial — no negative, but positive mitigant not confirmed).
RD-F-137 green Upgrade frequency (per 90 days) Staking proxy: 3 total upgrades in ~29 months (Oct 2023 x2, Oct 2025 x1) = ~0.10 upgrades/90d. mETH token proxy: 1 upgrade in last 12 months (Jun 2025). L1cmETHAdapter: 1 upgrade Aug 2024. Low upgrade frequency overall — not indicative of hot-patching or unstable codebase.
RD-F-138 green Hot-patch deploys without timelock (last 30 days) Last Staking proxy upgrade: 2025-10-30 (>6 months before assessment date 2026-05-16). No proxy upgrades in last 30 days. mETH token last upgraded Jun 2025 (>10 months ago). No evidence of recent hot-patch bypass of timelock.
RD-F-140 green Fix-merged-but-not-deployed gap No evidence of merged-but-undeployed security patches in GitHub commit history. The 2025-10-30 Staking upgrade (PR #18 fix-pm, merged 2025-10-31) was deployed concurrent with the fix. GitHub shows no open security-related PRs or issues flagging undeployed fixes.
RD-F-143 green Reinitializable implementation (no _disableInitializers) Staking.sol constructor calls _disableInitializers() — confirmed from GitHub source: constructor() { _disableInitializers(); }. METH.sol also calls _disableInitializers() in constructor — confirmed from GitHub source. Both are the highest-TVL proxied contracts. Standard OZ protection against implementation re-initialization is in place.
RD-F-144 green CREATE2 factory permits same-address redeploy No evidence of CREATE2 factory deployment for any core mETH Protocol contracts. All contracts deployed via standard EOA transactions. No CREATE2-based redeploy-to-same-address attack surface identified.
RD-F-146 green New contract deploys in last 30 days No new core contract deployments in last 30 days (before 2026-05-16). Last major deployment batch was October-November 2025 (LiquidityBuffer, PositionManagerAAVE, Staking upgrade). Protocol is in maintenance mode post-Oct 2025 deployment.
RD-F-168 green Stale-approval exposure on deprecated router No deprecated router contracts in mETH Protocol architecture. Staking uses direct stake/unstake flow (no router pattern). Prior implementation addresses in Staking proxy are logic-only — proxy contract is the approval target, not implementations. No user approvals to deprecated contracts identified.
Cross-chain & bridge Green 0 12 of 12
RD-F-148 gray Bridge validator count (M) LayerZero OFT uses DVN (Decentralized Verifier Network) model. DVN count for the cmETH Ethereum->Mantle (EID 30181) pathway could not be read via OSINT. Requires live RPC call: ReceiveUln302.getUlnConfig(0x4aFA9620..., 30181). No public disclosure found. See F179 for LZ-specific encoding and the definitive assessment path.
RD-F-149 gray Bridge validator threshold (k-of-M) DVN threshold for cmETH Ethereum->Mantle pathway not determinable via OSINT. Requires same RPC call as F148. Per post-Kelp-DAO analysis (Blockaid, Apr 2026): 47% of LayerZero OApps use 1-of-1 configuration. If cmETH uses default config, threshold may be 1. See F179.
RD-F-150 gray Bridge validator co-hosting DVN set identity not determined. Cannot assess co-hosting risk. Requires F179/F148 to be resolved first.
RD-F-155 gray Bridge validator-set rotation recency DVN set not identified. Cannot assess validator rotation recency. Blocked on F179/F148 resolution.
RD-F-156 gray Bridge uses same key custody for >30% validators DVN set not identified. Cannot assess custody distribution. Blocked on F179 resolution.
RD-F-157 gray Bridge TVL per validator ratio Cannot compute TVL-per-validator ratio: DVN count unknown. Bridge TVL is $70.6M. If DVN count=1 (1-of-1 scenario), ratio = $70.6M per DVN — extremely high concentration.
RD-F-179 gray LayerZero OFT DVN config (count, threshold, diversity) DVN configuration for cmETH OFTAdapterUpgradeable Ethereum->Mantle pathway (EID 30181) could NOT be determined via OSINT. Reading requires live RPC call: ReceiveUln302.getUlnConfig(0x4aFA9620D0B79137383A7A9AB3477837d475e948, 30181) on Ethereum ReceiveUln302 (0xc02Ab410f0734EFa3F14628780e6e695156024C2). No public disclosure, no governance post, no protocol-specific audit covering DVN config found. Adapter deployed 2024-08-02 — predates post-Kelp-DAO (Apr 2026) awareness campaign. Per Blockaid post-Kelp analysis: 47% of LayerZero OApps used 1-of-1 DVN config. If cmETH uses default/minimal config (1 required DVN, 0 optional), exposure matches Kelp DAO 1-of-1 pattern on $70.6M. Curator must resolve via RPC call: if requiredDVNCount + optionalDVNThreshold <= 1, flip to RED; if >= 2, flip to yellow or green based on DVN diversity. This is the highest-priority unresolved Cat 10 item.
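The threshold rule F179 gives the curator, as an added example that is not part of this assessment or the protocol's code: it classifies an already-decoded ReceiveUln302.getUlnConfig result using the page's k = requiredDVNCount + optionalDVNThreshold rule, and adds a co-hosting check for the diversity step. The UlnConfig field names follow LayerZero's V2 struct; the DVN addresses and operator labels are constructed placeholders, since the real cmETH pathway values could not be read.

```python
# Added example, not project code: apply this page's F179 curator rule to a
# LayerZero V2 receive-side ULN config. Field names mirror the UlnConfig struct
# that ReceiveUln302.getUlnConfig(oapp, remoteEid) returns; the live struct is
# read with that eth_call, this script only classifies a decoded copy.
from dataclasses import dataclass

@dataclass
class UlnConfig:
    confirmations: int          # block confirmations before DVNs attest
    required_dvn_count: int     # every required DVN must attest
    optional_dvn_count: int
    optional_dvn_threshold: int  # optional DVNs that must also attest
    required_dvns: list
    optional_dvns: list

def effective_threshold(cfg):
    """Attestations needed to verify one packet (the page's k)."""
    assert len(cfg.required_dvns) == cfg.required_dvn_count, "bad required DVN list"
    assert cfg.optional_dvn_threshold <= len(cfg.optional_dvns), "bad optional threshold"
    return cfg.required_dvn_count + cfg.optional_dvn_threshold

def single_operator_can_verify(cfg, operator_of):
    """True if one operator's DVNs alone satisfy verification (co-hosting)."""
    op = lambda a: operator_of.get(a.lower(), a.lower())  # keys are lowercase
    req_ops = {op(a) for a in cfg.required_dvns}
    opt_ops = [op(a) for a in cfg.optional_dvns]
    for cand in (req_ops or set(opt_ops)):
        if req_ops and req_ops != {cand}:
            continue  # another operator controls a required DVN
        if opt_ops.count(cand) >= cfg.optional_dvn_threshold:
            return True
    return False

def classify(cfg, operator_of):
    """F179 rule: k<=1 is red; k>=2 is yellow or green by DVN diversity."""
    k = effective_threshold(cfg)
    if k <= 1:
        return "red", f"{k}-DVN verification matches the Kelp DAO 1-of-1 pattern"
    if single_operator_can_verify(cfg, operator_of):
        return "yellow", f"k={k} but one operator co-hosts enough DVNs to meet it"
    return "green", f"k={k} across independent DVN operators"

# Constructed samples (placeholders): DVN_C is labelled as co-hosted by DVN_A's operator.
DVN_A, DVN_B, DVN_C = "0x" + "aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20
OPERATORS = {DVN_A: "op-1", DVN_B: "op-2", DVN_C: "op-1"}
DEFAULT_LIKE = UlnConfig(15, 1, 0, 0, [DVN_A], [])
TWO_INDEPENDENT = UlnConfig(15, 2, 0, 0, [DVN_A, DVN_B], [])
TWO_COHOSTED = UlnConfig(15, 2, 0, 0, [DVN_A, DVN_C], [])
```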
RD-F-147 green Protocol has bridge surface Yes — cmETH has a LayerZero OFTAdapterUpgradeable (L1cmETHAdapter) connecting Ethereum L1 to Mantle Network L2. Holds ~$70.6M cmETH (29,119 cmETH at profile date). mETH core LST token is Ethereum-only with no bridge. Bridge surface is real and confirmed.
RD-F-151 green Bridge ecrecover checks result ≠ address(0) [★ CRITICAL] LayerZero OFTAdapterUpgradeable does not use raw ecrecover for message verification. DVN verification occurs in LayerZero Endpoint V2 layer via payload hash verification, not ECDSA signature checks in the OFT adapter. The Wormhole-class ecrecover zero-address bug is not applicable to this bridge architecture. L1cmETHAdapter inherits OFTAdapterUpgradeable from lib/lz-upgradable — no ecrecover calls in the OFT receive path.
RD-F-152 green Bridge binds message to srcChainId LayerZero Endpoint V2 includes EID (endpoint/chain ID) in the packet Origin struct: srcEid field binds each message to its source chain. Peer validation via setPeer() further enforces which source addresses are valid per EID. Chain separation is enforced at the protocol layer.
RD-F-153 green Bridge tracks nonce-consumed mapping LayerZero Endpoint V2 tracks message nonces per pathway (srcEid, sender, nonce) with monotonically increasing nonce enforcement. Replayed nonces are rejected at the Endpoint V2 layer. This is a protocol-level guarantee inherited by all OFT adapters using the standard LayerZero V2 stack.
RD-F-154 green Default bytes32(0) acceptable as valid root [★ CRITICAL] Nomad zero-root bug requires bridge accepting Merkle roots directly. LayerZero OFT uses DVN-verified packet model — lzReceive validates DVN-attested payload hash, not raw Merkle root. No bytes32(0) or default-value root-acceptance path exists in L1cmETHAdapter. The EndpointV2 packet verification is hash-based on the payload content, not root-based.
Threat intelligence & recon Green 17 8 of 8
RD-F-161 yellow Protocol-impersonator domain registered (typosquat) ASSESSED FIRST IN CAT 11 per methodology. Mantle is a recognized major DeFi brand (top-40 by TVL, $535M TVS, 2.1B historical peak). Official domains: methprotocol.xyz, mantle.xyz, docs.mantle.xyz. WHOIS check for methprotocol.xyz: returned 'No WHOIS data found' via who.is (privacy protection suspected — not a clean result). DomainTools API not available at assessment tier (confirmed WHOIS gap per process-learnings). Registration-to-assessment-date delta: WHOIS data unavailable; cannot calculate explicit delta. No confirmed typosquat registration within the 90-day window (2026-02-15 to 2026-05-16) found from public OSINT, but absence is a monitoring gap, not clean confirmation. Base rate: impersonation scams grew 1,400% in 2025 per industry reports; major DeFi LST brands are high-profile targets. Yellow: elevated risk for recognized brand; WHOIS monitoring gap prevents clean green; no confirmed active typosquat found.
RD-F-158 gray Known-threat-actor cluster has touched protocol Known-threat-actor wallet cluster has touched protocol. T-09 v1, Phase 2, Tier C. No public attribution of Lazarus Group, DPRK, or other curated threat-actor cluster interacting with mETH core contracts within trailing 30 days. OSINT search for Lazarus/DPRK/Mantle/mETH 2024-2025 returned no positive results. Authoritative assessment requires licensed TI feed (Chainalysis, TRM Labs, Arkham). Per invocation guidance: an attacker using mETH as a passive laundering venue (e.g., swapping through mETH liquidity) would be Cat 11 F158 yellow and does NOT contaminate dev-identity F124/F125.
RD-F-159 gray Attacker wallet pre-strike probe (low-gas failing txs) Mempool probe: attacker wallet sending low-gas failing txs. Requires mempool monitoring and TI feed for attacker wallet identification. No attacker wallet identified (no incidents). Not assessable at public OSINT tier. Requires partner feed.
RD-F-162 gray Known-exploit-template selector deployed by any address Known-exploit-template selector-pattern deployed by any address. Requires on-chain deploy scan tooling for trailing 90-day surveillance. No known-exploit-template bytecode pattern targeting mETH-class LST architecture detected in public data. mETH uses original purpose-built contracts (not a Compound fork). Full assessment requires on-chain deploy scan.
RD-F-163 gray Avg attacker reconnaissance time for peer-class protocols Attacker wallet reconnaissance time before strike (days, for similar class). No in-sample mETH incident history to derive a protocol-specific reconnaissance window from. Class context: DPRK/Lazarus group reconnaissance periods range from 30 days to 78 days pre-strike (USPD pattern) to 6 months (Drift Protocol, UNC4736 persona build-up pattern). mETH class (Ethereum ETH LST, $535M TVS) is a plausible target class. Gray: no protocol-specific data; class context only.
RD-F-164 gray Leaked credential on paste/sentry site Leaked credential on paste/sentry site matching protocol infra. Requires paste/cred-dump monitoring feed (manual TI curation). No public paste site or credential dump referencing mETH protocol infrastructure detected via OSINT. Not assessable at static dry-run tier without dedicated feed.
RD-F-165 gray Protocol social channel has scam-coordinator flag Telegram/Discord channel member flagged as scam-coordinator. Official Discord: discord.gg/0xMantle (Mantle community). No public flag on Mantle/mETH Discord admin or moderator as scam-coordinator at assessment time. Requires curator social watchlist — not assessable at static dry-run tier.
RD-F-160 green GitHub malicious-dependency incident touching protocol deps GitHub-flagged malicious-dependency incident touching protocol deps. No GitHub Security Advisory (GHSA) targeting mantle-lsp/contracts dependencies detected at assessment time. Protocol dependencies include OpenZeppelin libraries, LayerZero SDK, and BoringVault pattern. No confirmed malicious release in these libraries in trailing 90 days per public OSINT. GitHub last commit 2026-04-15.
Tooling / compiler / AI Green 0 5 of 5
RD-F-171 n/a Bytecode similarity to audited upstream with behavior deviation Protocol is original (not a fork). There is no audited upstream to compare against for AI-copy/behavioral-deviation risk. Factor requires an audited upstream reference — not applicable for original protocols.
RD-F-170 green Solc version used (known-bug versions flagged) All deployed contracts use Solidity v0.8.20+commit.a1b79de6 (confirmed across Staking, Oracle, L1cmETHAdapter, BoringVault, LiquidityBuffer, PositionManagerAAVE implementations). No high/critical bugs documented for 0.8.20 on Etherscan solcbuginfo. TransientStorageClearingHelperCollision (high severity) only affects 0.8.28-0.8.33 — not applicable. viaIR is NOT set in foundry.toml, so no viaIR-specific bugs apply.
RD-F-172 green Repo shows AI-tool co-authorship in critical files GitHub commit history for mantle-lsp/contracts shows recent commits (up to afa686b, 2025-10-31) authored by 'shellteo' with standard git commit messages. No Co-authored-by trailer indicating AI-tool co-authorship (GitHub Copilot, ChatGPT) found in inspected commit messages.
RD-F-173 green Team self-disclosure of AI-generated Solidity No public disclosure found in mETH Protocol blog, docs, GitHub, or official announcements indicating AI-generated Solidity in security-critical paths. The mETH team blog discusses product features without AI code generation disclosure. GitHub README does not disclose AI usage.
RD-F-174 green Dependency tree uses EOL Solidity version Core contracts use Solidity 0.8.20 which is within the active 0.8.x support range (not EOL). OZ v4.9.0 compiles with >=0.8.0, aave-v3-origin requires >=0.8.10. No EOL Solidity version detected across the deployed contract tree. Project does not use Vyper.
Response & disclosure hygiene Yellow 33 4 of 4
RD-F-176 red Disclosure SLA public No public acknowledgment-time SLA found for disclosed vulnerabilities. The Immunefi program specifies 'Responsible Publication Category 3' (team approval required) and 'Primacy of Rules' governance, but no specific SLA (e.g., 72h acknowledgment, 14-day fix window) is published in the Immunefi program text, docs.mantle.xyz, or any protocol-authored document. Scored red.
RD-F-175 yellow Disclosure channel exists A public Immunefi bug bounty program exists at immunefi.com/bug-bounty/mETH/ — a valid disclosure channel. However, no dedicated security email, no security.txt, and no SECURITY.md in GitHub repo (cache security_md_present:false). No direct security contact beyond Immunefi's intermediary. For a $535M TVL protocol at 29 months of operation, Immunefi-only disclosure channel without a direct contact path is a maturity gap. Scored yellow.
RD-F-177 green Prior known-ignored disclosure No evidence of a prior disclosed vulnerability that was ignored before exploit. Zero protocol incidents on record. No post-mortem or news source documents a whitehatter-disclosed, team-ignored vulnerability subsequently exploited in mETH Protocol. The Feb 2025 Bybit event did not involve a prior disclosure being ignored — it was a CEX supply-chain/social-engineering attack.
RD-F-178 green CVE/GHSA advisory issued against protocol No CVE, GHSA, or equivalent public advisory found against mETH Protocol (mantle-lsp/contracts). Searched NVD/CVE databases, GitHub advisory database, and OSINT sweep — no results. MixBytes audit findings (0 critical / 3 high / 4 medium / 7 low, all acknowledged or fixed) are audit findings, not public advisories. Scored green.
rubric_version v1.7.0 graded_at 2026-05-16 02:17:51 factors 184 protocol meth-protocol