★ Post-audit code changes without re-audit

Sky Lending (formerly MakerDAO)'s assessment for RD-F-139 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Core MCD contracts immutable (no post-audit changes possible). Endgame launch portfolio (USDS, SKY, sUSDS, LitePSM, LockStake, VoteDelegate, Flappers) audited 2024 by ChainSecurity (5 reviews), Cantina (5 reviews), ABDK, Sherlock. New Chief audited by ChainSecurity (sky-chief-smart-contracts). stUSDS audited ChainSecurity + Cantina Aug 2025. Weekly parameter spell instances not individually audited; template coverage exists.

Sources #

URL
https://developers.skyeco.com/security/security-measures/overview/retrieved 2026-04-28
GitHub
https://github.com/sky-ecosystem/stusdsretrieved 2026-04-28
URL
https://www.chainsecurity.com/security-audit/sky-chief-smart-contractsretrieved 2026-04-28

Methodology #

Count deployed changes to audited bytecode where no subsequent audit or spot-review covers the changed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sky-lending factor RD-F-139 score yellow collected_at 2026-04-28 00:43:18