Storage-layout collision risk across upgrades

mETH Protocol's assessment for RD-F-142 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Three Staking proxy upgrades over ~29 months. The Oct 2025 upgrade introduced initializeV2() per GitHub source (standard OZ upgrade pattern). Storage layout collision analysis requires OZ upgrades plugin run — not performed at assessment time. Four concurrent audits (Exvul, Blocksec, Hexens, MixBytes, Oct-Nov 2025) likely checked storage layout. No documented collision; OZ plugin check deferred.

Sources #

GitHub
mETH Staking.sol — initializeV2() for upgrade patternStaking.sol source: initializeV2() function present for Oct 2025 upgrade; OZ upgradeable pattern usedretrieved 2026-05-16
Docs
mETH audit coverage for Oct 2025 upgrade4 audits covering Oct 2025 upgrade: Exvul 2025-10-20, Blocksec 2025-10-21, Hexens 2025-10-22, MixBytes 2025-11-13retrieved 2026-05-16

Methodology #

Determine whether the OZ upgrades-plugin or manual review flags a storage-layout collision risk between implementation versions.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol meth-protocol factor RD-F-142 score yellow collected_at 2026-05-16 02:17:50