defirisk.co
rubric v1.7.0

Prior rug/exit-scam affiliation

A dev identity & insider risk factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology how we score #

**What this measures** This factor records whether any team member is linked via verified OSINT to a prior rug pull or exit-scam-labeled protocol — specifically, a protocol where curator rug lists, post-mortem analysis, or law enforcement records attribute deliberate team-orchestrated theft. Measurement is manual curator OSINT cross-referencing team handles, wallet addresses, and social accounts against maintained rug databases (rekt.news, DeFiYield, Chainalysis labels, and curator-maintained lists). Category 7 context: prior rug affiliation is the most direct insider-risk signal available for protocols where no exploit has yet occurred.

**Why it matters** Exit scams are rarely isolated incidents — teams that successfully rug one protocol often attempt to launch another under a new identity, leveraging the proceeds of the prior scam to seed credibility. The Hope Finance incident ($1.86M) showed all three multisig signers coordinating a drain. Merlin DEX demonstrated how a nominally "audited" protocol with a backdoor-embedded privileged EOA constitutes a planned insider exit. The curator rug database is the primary mechanism for detecting serial bad actors before they acquire new user funds.

**Green / Yellow / Red** Green is scored when OSINT confirms no team member has any association with a prior rug-labeled protocol across all discoverable handles, wallet addresses, and social accounts. Yellow applies when a team member has a distant or unconfirmed association — for instance, they contributed code to a protocol that was later rugged but are not attributed as a principal. Red is scored when any verified OSINT trail links a core team member (founder, lead developer, multisig signer) to a prior confirmed rug or exit scam.

**Common gray cases** Gray is assigned when the team is fully pseudonymous and OSINT cannot progress beyond handles that cannot be cross-referenced against rug databases, or when a potential match exists but curator confidence falls below the attribution threshold.

**Notable historical examples** No cross-hacked incidents currently linked in database for this factor.

Measurement what to look for #

Determine whether any team member is linked via verified OSINT to a prior rug or exit-scam-labeled protocol.

Data & output #

Data source
Curator rug watchlist (cross-referenced with T-01 rug-deployer cluster) + OSINT name/handle matching
Output format
Green / Yellow / Red
Evidence artifact
Team member name/handle + prior protocol name + evidence source URL + curator sign-off
Confidence signal
green = no rug affiliations found; red = confirmed rug affiliation for any team member; gray = team composition unknown (cannot assess)

Scored protocols 80 carry this factor #

Protocol RD-F-115
Aave v3 ethereum green Across Protocol ethereum gray Aerodrome Finance base yellow Axelar Network ethereum green Babylon Protocol bitcoin green Balancer (v2 + v3) ethereum green Beefy Finance ethereum green BENQI avalanche green BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum green Cap (cUSD / stcUSD) ethereum green Centrifuge ethereum green Chainlink CCIP ethereum green Circle USYC binance green Compound V3 (Comet) ethereum green Concrete ethereum green Convex Finance ethereum green crvUSD (Curve Stablecoin) ethereum green Curve Finance ethereum green deBridge ethereum gray Dolomite ethereum green dYdX v4 (dYdX Chain) dydx green EigenLayer ethereum green Ethena ethereum green ether.fi ethereum green Euler V2 ethereum green Falcon Finance ethereum yellow Fluid ethereum green Frax Finance ethereum green GMX v2 (GMX Synthetics) arbitrum green Hyperlane ethereum green Hyperliquid arbitrum green Jito solana green Jupiter solana green Jupiter Perpetual Exchange solana yellow JustLend DAO tron green Kamino Lend solana green Kinetiq hyperliquid green Lido ethereum green Liquid Collective (LsETH) ethereum green Liquity V1 + V2 (LUSD / BOLD) ethereum green Lista DAO bsc green Lombard Finance ethereum green M^0 ethereum green Maple Finance ethereum green Marinade Finance solana green Meteora solana yellow mETH Protocol ethereum green Midas ethereum green Morpho V1 (Morpho Blue + MetaMorpho) ethereum green Multipli ethereum green Ondo Finance ethereum green OpenEden ethereum yellow Orca solana green PancakeSwap bsc green Pendle Finance ethereum green Polymarket polygon green QuickSwap polygon green Raydium solana green Rocket Pool ethereum green Sanctum solana green Save (formerly Solend) solana green Sky Lending (formerly MakerDAO) ethereum green Spark Protocol ethereum green Spiko stellar green Stake DAO ethereum green StakeWise v3 ethereum green Stargate Finance ethereum gray stHYPE (Valantis Labs) hyperliquid green SUNSwap (sun.io) tron green Superstate ethereum green Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum yellow Symbiotic ethereum green Synapse Protocol ethereum not_assessed Uniswap (v2 + v3) ethereum green USDD (Decentralized USD) tron green Usual (USD0 / bUSD0 / USUAL) ethereum green Veda (BoringVault) ethereum green Venus Protocol bsc yellow Wormhole ethereum gray Yearn Finance ethereum green
0 red · 7 yellow · 68 green

Linked hacks no historical incidents linked #

No historical incidents are linked to this factor.
rubric_version v1.7.0 factor RD-F-115 category 7 carried 80 critical no