defirisk.co
rubric v1.7.0

Contributor OSINT depth score

A dev identity & insider risk factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology how we score #

**What this measures** This factor produces a curator-scored 1–5 depth score for each core contributor, based on the richness and independent corroborability of their online presence: LinkedIn profile depth (employment history, connections, endorsements), GitHub history (account age, contribution volume, fork and star patterns), conference or media presence, and any independent third-party references. The per-contributor scores are averaged to produce a team-level OSINT depth metric. Category 7 context: OSINT depth is a consolidated signal that partially overlaps with RD-F-112 (accountability surface count) but emphasizes depth and independence of evidence rather than breadth.

**Why it matters** A team member with a high-follower Twitter account and a LinkedIn profile created in the past six months with generic employment entries represents a different risk than one with a ten-year GitHub history, endorsed LinkedIn connections from verifiable prior colleagues, and three conference talk recordings. The distinction matters for assessing whether identity signals are genuine or fabricated. DPRK IT worker profiles consistently score low on OSINT depth — LinkedIn profiles are typically sparse, GitHub accounts are new, and conference references are absent. Legitimate senior DeFi contributors typically score 4–5 across all three evidence dimensions.

**Green / Yellow / Red** Green is scored when the team average OSINT depth score is 4 or above — multiple contributors with rich, independently corroborated online histories. Yellow applies when the average falls in the 2–3 range — some verifiable history exists but it is limited in depth or relies on easily-fabricated platforms. Red is scored when the team average falls below 2 — most or all contributors have shallow or unverifiable online presences inconsistent with the experience level claimed.

**Common gray cases** Gray is assigned when the curator cannot complete the OSINT assessment within the evidence budget because the team has not disclosed sufficient identity information to begin the scoring process.

**Notable historical examples** No cross-hacked incidents currently linked in database for this factor.

Measurement what to look for #

Curator-scored 1–5 based on LinkedIn depth, GitHub history, conference presence per contributor.

Data & output #

Data source
LinkedIn + GitHub + conference archives (OSINT)
Output format
Green / Yellow / Red
Evidence artifact
Score per team member + supporting evidence URLs
Confidence signal
green = average score ≥4; yellow = average score 2–3; red = average score 1 or no contributors scoreable; gray = team composition unknown

Scored protocols 80 carry this factor #

Protocol RD-F-121
Aave v3 ethereum green Across Protocol ethereum gray Aerodrome Finance base yellow Axelar Network ethereum green Babylon Protocol bitcoin green Balancer (v2 + v3) ethereum green Beefy Finance ethereum yellow BENQI avalanche yellow BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum green Cap (cUSD / stcUSD) ethereum yellow Centrifuge ethereum green Chainlink CCIP ethereum green Circle USYC binance green Compound V3 (Comet) ethereum green Concrete ethereum green Convex Finance ethereum yellow crvUSD (Curve Stablecoin) ethereum yellow Curve Finance ethereum green deBridge ethereum gray Dolomite ethereum green dYdX v4 (dYdX Chain) dydx green EigenLayer ethereum green Ethena ethereum yellow ether.fi ethereum green Euler V2 ethereum green Falcon Finance ethereum yellow Fluid ethereum green Frax Finance ethereum green GMX v2 (GMX Synthetics) arbitrum yellow Hyperlane ethereum green Hyperliquid arbitrum yellow Jito solana green Jupiter solana yellow Jupiter Perpetual Exchange solana green JustLend DAO tron yellow Kamino Lend solana green Kinetiq hyperliquid yellow Lido ethereum green Liquid Collective (LsETH) ethereum green Liquity V1 + V2 (LUSD / BOLD) ethereum green Lista DAO bsc yellow Lombard Finance ethereum green M^0 ethereum green Maple Finance ethereum green Marinade Finance solana green Meteora solana yellow mETH Protocol ethereum yellow Midas ethereum green Morpho V1 (Morpho Blue + MetaMorpho) ethereum green Multipli ethereum yellow Ondo Finance ethereum green OpenEden ethereum green Orca solana green PancakeSwap bsc yellow Pendle Finance ethereum green Polymarket polygon green QuickSwap polygon yellow Raydium solana yellow Rocket Pool ethereum green Sanctum solana green Save (formerly Solend) solana yellow Sky Lending (formerly MakerDAO) ethereum green Spark Protocol ethereum green Spiko stellar green Stake DAO ethereum yellow StakeWise v3 ethereum yellow Stargate Finance ethereum gray stHYPE (Valantis Labs) hyperliquid yellow SUNSwap (sun.io) tron yellow Superstate ethereum green Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum yellow Symbiotic ethereum green Synapse Protocol ethereum yellow Uniswap (v2 + v3) ethereum green USDD (Decentralized USD) tron yellow Usual (USD0 / bUSD0 / USUAL) ethereum yellow Veda (BoringVault) ethereum green Venus Protocol bsc yellow Wormhole ethereum gray Yearn Finance ethereum green
0 red · 30 yellow · 46 green

Linked hacks no historical incidents linked #

No historical incidents are linked to this factor.
rubric_version v1.7.0 factor RD-F-121 category 7 carried 80 critical no