defirisk.co
rubric v1.7.0

Video-off/voice-consistency flag

A dev identity & insider risk factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology how we score #

**What this measures** This factor records whether the protocol team has declined video-on participation in public interviews or recorded calls, or whether voice patterns and stated timezone are inconsistent across public appearances. Measurement is manual curator observation: the curator reviews any recorded public appearances by team members (podcasts, AMAs, conference talks, Twitter Spaces) and flags video-off behavior, accent or language inconsistencies relative to stated geography, or reluctance to appear on camera across multiple occasions. Category 7 context: video-off behavior is an explicit behavioral indicator in DPRK developer-implant detection playbooks.

**Why it matters** US, EU, and crypto-ecosystem investigators have documented video-off behavior as one of several consistent traits of DPRK IT workers posing as remote developers. FBI and DOJ guidance on DPRK freelancer risk specifically calls out consistent video-off behavior, accent inconsistencies, and avoidance of in-person or synchronous video contact as warning signs. The Drift Protocol incident ($285M, April 2026) involved UNC4736 building credibility through in-person conference attendance — a deviation from the video-off pattern, underscoring that sophisticated actors adapt tactics and this signal should not be treated as definitive.

**Green / Yellow / Red** Green is scored when core team members have multiple public recorded video appearances with face-on camera, voices consistent with stated geography, and no documented reluctance to appear synchronously. Yellow applies when some team members have appeared on video but others consistently decline or when only audio appearances are available. Red is scored when all core team members have consistently declined video participation across multiple public appearances despite operating a high-TVL protocol with active community expectations.

**Common gray cases** Gray is assigned when the protocol has no public interview history (too new or low-profile to have generated AMAs), making this signal inapplicable, or when the entire team is explicitly pseudonymous and video-off is the stated policy rather than an anomaly.

**Notable historical examples** No cross-hacked incidents currently linked in database for this factor.

Measurement what to look for #

Record whether the team has declined video in public interviews, or exhibits voice/timezone inconsistencies suggesting false identity.

Data & output #

Data source
Curator observation of public interviews (YouTube, podcast appearances) + notes
Output format
Green / Yellow / Red
Evidence artifact
Curator note with interview URL + specific observation
Confidence signal
green = team has on-camera video presence in ≥2 recent public appearances; yellow = voice-only but consistent identity across appearances; red = video declined in all known appearances, or voice/timezone inconsistency flagged; gray = no public interview appearances

Scored protocols 80 carry this factor #

Protocol RD-F-120
Aave v3 ethereum green Across Protocol ethereum gray Aerodrome Finance base green Axelar Network ethereum green Babylon Protocol bitcoin green Balancer (v2 + v3) ethereum green Beefy Finance ethereum green BENQI avalanche green BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum green Cap (cUSD / stcUSD) ethereum green Centrifuge ethereum green Chainlink CCIP ethereum green Circle USYC binance green Compound V3 (Comet) ethereum green Concrete ethereum green Convex Finance ethereum gray crvUSD (Curve Stablecoin) ethereum green Curve Finance ethereum green deBridge ethereum gray Dolomite ethereum green dYdX v4 (dYdX Chain) dydx green EigenLayer ethereum green Ethena ethereum green ether.fi ethereum green Euler V2 ethereum green Falcon Finance ethereum yellow Fluid ethereum green Frax Finance ethereum green GMX v2 (GMX Synthetics) arbitrum yellow Hyperlane ethereum green Hyperliquid arbitrum green Jito solana green Jupiter solana green Jupiter Perpetual Exchange solana green JustLend DAO tron gray Kamino Lend solana green Kinetiq hyperliquid gray Lido ethereum green Liquid Collective (LsETH) ethereum green Liquity V1 + V2 (LUSD / BOLD) ethereum green Lista DAO bsc gray Lombard Finance ethereum green M^0 ethereum green Maple Finance ethereum green Marinade Finance solana green Meteora solana green mETH Protocol ethereum green Midas ethereum yellow Morpho V1 (Morpho Blue + MetaMorpho) ethereum green Multipli ethereum green Ondo Finance ethereum green OpenEden ethereum green Orca solana green PancakeSwap bsc gray Pendle Finance ethereum green Polymarket polygon green QuickSwap polygon green Raydium solana yellow Rocket Pool ethereum green Sanctum solana green Save (formerly Solend) solana gray Sky Lending (formerly MakerDAO) ethereum green Spark Protocol ethereum green Spiko stellar green Stake DAO ethereum green StakeWise v3 ethereum green Stargate Finance ethereum gray stHYPE (Valantis Labs) hyperliquid gray SUNSwap (sun.io) tron green Superstate ethereum green Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum green Symbiotic ethereum green Synapse Protocol ethereum yellow Uniswap (v2 + v3) ethereum green USDD (Decentralized USD) tron green Usual (USD0 / bUSD0 / USUAL) ethereum green Veda (BoringVault) ethereum green Venus Protocol bsc green Wormhole ethereum gray Yearn Finance ethereum yellow
0 red · 6 yellow · 63 green

Linked hacks no historical incidents linked #

No historical incidents are linked to this factor.
rubric_version v1.7.0 factor RD-F-120 category 7 carried 80 critical no