defirisk.co
rubric v1.7.0

Auditor re-engaged after last exploit

Uniswap (v2 + v3)'s assessment for RD-F-083 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No prior protocol-level exploits on V2 or V3. Methodology: gray = no prior exploits (N/A). Ongoing preventive audits (Trail of Bits 2021, ABDK 2021, Cantina ongoing) are not post-exploit re-engagements. V2: gray. V3: gray. Combined: gray.

Detail #

Auditor-re-engaged-after-exploit requires a prior protocol-level exploit. Zero direct exploits have occurred. Uniswap V2 was audited by dapp.org pre-launch (2020). V3 was audited by Trail of Bits and ABDK pre-launch (2021). Cantina bug bounty provides ongoing engagement. These are preventive, not post-exploit. Score: gray (N/A by methodology).

Sources #

  • Curator note
    Profile §8 — preventive audits only; no post-exploit re-engagement appliesNo protocol-level exploit occurred; F083 N/A by methodologyretrieved 2026-05-12

Methodology #

Determine whether a reputable auditor performed a re-audit or incident review after the most recent exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol uniswap factor RD-F-083 score gray collected_at 2026-05-12 10:36:11