defirisk.co
rubric v1.7.0

Auditor re-engaged after last exploit

PancakeSwap's assessment for RD-F-083 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

The BCE/USDT 2025 incident root cause is a malicious third-party token's own logic (BCE scheduledDestruction), not a bug in PancakeSwap AMM code. A protocol re-audit specifically addressing this root cause is not applicable — the AMM invariant math was not implicated. No post-incident external audit for the AMM specifically commissioned. Score: gray (N/A — incident did not implicate protocol-owned smart contract code in a way requiring a re-audit).

Sources #

  • Docs
    PancakeSwap Audits PagePancakeSwap audits page — no post-March-2025 external audit listedretrieved 2026-04-28

Methodology #

Determine whether a reputable auditor performed a re-audit or incident review after the most recent exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol pancakeswap factor RD-F-083 score gray collected_at 2026-04-28 19:10:57