Ignored bounty disclosure

Babylon Protocol's assessment for RD-F-008 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No evidence of a disclosed vulnerability being ignored before exploitation. OZ April 2026 disclosure was handled via direct outreach and confirmed/fixed promptly. SECURITY.md documents 48-hour acknowledgement commitment. Rekt database shows zero incidents. Data cache hacks field empty.

Sources #

GitHub
Babylon SECURITY.mdSECURITY.md (48-hour acknowledgement)retrieved 2026-05-04
URL
State Changes at the Boundary: Lessons From Security Research on BabylonOZ research blog (fixes confirmed)retrieved 2026-05-04

Methodology #

Determine whether any prior post-mortem documents a disclosed vulnerability that was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol babylon-protocol factor RD-F-008 score green collected_at 2026-05-04 19:43:27