Audit firm tier
Wormhole's assessment for RD-F-005 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Trail of Bits (Tier 1), OtterSec (Tier 1 for Solana/Rust), Zellic (Tier 1 emerging), Cyfrin (Tier 2), Cantina (Tier 2), Neodyme (Tier 1 for Rust/Solana), Runtime Verification (Tier 1 for formal methods), CertiK (Tier 2), Sec3 (Tier 1 for Solana), Sherlock (competitive audit platform). Multi-language coverage with appropriate specialist coverage per language (Rust-specialist OtterSec for Solana, ToB for EVM, Zellic for Move/Aptos).
Sources #
- Curator noteExtracted from 01-code-security.md — RD-F-005 finding; no URL cited in originalretrieved 2026-04-28
Methodology #
Classify each auditing firm into: Tier-1 (Trail of Bits / OpenZeppelin / ConsenSys Diligence / Certora / Sigma Prime / Spearbit / Zellic) / Tier-2 (established, named firm with public track record) / boutique / unknown.
See the full factor methodology and distribution across all protocols →