defirisk.co
rubric v1.7.0

Bridge tracks nonce-consumed mapping

Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap's assessment for RD-F-153 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Replay protection (nonce-consumed mapping) is handled by Stargate/LayerZero at the protocol layer. Sushi does not implement a bridge inbox or replay-prevention mechanism. Factor applies to bridge operators.

Sources #

  • GitHub
    SushiXSwap v2 GitHubsushiswap/sushixswap-v2 — no bridge inbox or nonce mapping in Sushi adapter coderetrieved 2026-05-17

Methodology #

Determine whether the bridge inbox maintains a nonce-consumed mapping and rejects replay of used nonces.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sushi factor RD-F-153 score not_applicable collected_at 2026-05-16 19:50:37