Insurance coverage active

Superstate's assessment for RD-F-089 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No active smart-contract insurance coverage found. Immunefi API shows program_exists = false. No Nexus Mutual, Sherlock, or Unslashed cover found for USTB or USCC. At $1.11B TVL, absence of proportionate on-chain coverage is the primary Cat 5 risk finding. Structural for RWA-issuer class (circle-usyc and spiko both carry F089 red). Off-chain custodianship (BNY Mellon for Treasuries) does not substitute for on-chain smart-contract cover.

Sources #

Internal
Superstate Protocol Profile §900-profile.md §9 — No Immunefi or Cantina program found; disclosure via security@superstate.co onlyretrieved 2026-05-16
URL
Immunefi Bug Bounty Programs — no Superstate entryImmunefi API — no Superstate program foundretrieved 2026-05-16
Internal
Superstate Data Cache00-data-cache.json — immunefi.program_exists = falseretrieved 2026-05-15

Methodology #

Determine whether active coverage on Nexus Mutual, Unslashed, Sherlock, or equivalent is in force; record cover size in USD.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol superstate factor RD-F-089 score red collected_at 2026-05-16 00:06:37