★ Default bytes32(0) acceptable as valid root

Polymarket's assessment for RD-F-154 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[★ CRITICAL — N/A] No Merkle root acceptance in any Polymarket contract. No bridge inbox, no root validation logic. No Nomad-class vulnerability surface. Profile §7 confirms no bridge.

Sources #

Etherscan
CTF Exchange V2 — Verified SourceCTF Exchange V2 source — no Merkle root acceptanceretrieved 2026-04-29

Methodology #

Determine whether the bridge inbox accepts a default-value (bytes32(0)) Merkle root as a valid proof root (Nomad bug class).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol polymarket factor RD-F-154 score not_applicable collected_at 2026-04-29 16:25:39