Static-analyzer high-severity count

QuickSwap's assessment for RD-F-010 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No published Slither/Mythril/Semgrep run on QuickSwap deployed bytecode accessible at assessment time. C4 Sep 2022 contest (118 warden submissions) identified 1 HIGH + 12 MEDIUM in Algebra V1 core — the HIGH (H-01 cooldown manipulation) is a confirmed high-severity finding that serves as proxy evidence for at least 1 high-severity finding prior to fix. V2 contracts (immutable, Uniswap V2 pattern) have well-studied static analysis profile — no open high-severity Slither findings documented in public analysis. Scored yellow due to: H-01 high-severity finding from C4, inability to independently run tools, V3 periphery entirely unassessed by any published analysis.

Sources #

Audit
Code4rena 2022-09 QuickSwap Full ReportC4 H-01 high severity confirmed — malicious liquidity cooldown manipulationretrieved 2026-05-16

Methodology #

Count the number of unique high-severity detector findings from Slither + Mythril + Semgrep run against the deployed verified source (after deduplication across tools).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol quickswap factor RD-F-010 score yellow collected_at 2026-05-16 08:48:31