defirisk.co
rubric v1.7.0

Chainlink aggregator min/max bound misconfig

Wormhole's assessment for RD-F-060 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Chainlink aggregator min/max bound misconfig | Applicable only to peripheral consumer contracts. Not applicable to Core Bridge. For peripheral feeds (data cache): 19 Chainlink feeds detected across various pairs/chains; whether any consuming contract applies min/max bounds misconfiguration is unknown without inspecting the peripheral contract source. Gap for peripheral contracts only. | Data cache oracle_feeds list; Core Bridge Messages.sol has no Chainlink call | YELLOW (peripheral gap)

Sources #

  • Curator note
    Extracted from 03-oracle-deps.md — RD-F-060; no URL citedretrieved 2026-04-28

Methodology #

Determine whether the Chainlink aggregator's `minAnswer` and `maxAnswer` circuit-breaker bounds are misconfigured (too wide or too narrow) for the asset class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol wormhole factor RD-F-060 score gray collected_at 2026-04-28 01:38:43