Real-capital social-engineering persona
Balancer (v2 + v3)'s assessment for RD-F-184 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
No curator flag or OSINT evidence of any 'contributor' or 'external integrator' persona deploying ≥$1M of attributed real capital to build credibility ahead of a social-engineering attack on Balancer. The November 2025 $128M exploit was a pure smart contract vulnerability (rounding error in Stable Math library); the September 2023 frontend incident was a DNS/BGP social-engineering attack on the EuroDNS registrar — neither fits the UNC4736/Drift class of real-capital credibility-building persona. P1 M-only factor per taxonomy batch-24. GRAY per Drift comparator: attribution requires curator confidence beyond on-chain trail; no positive evidence to anchor a green and no adverse signal to anchor yellow.
Sources #
- URLBalancer DNS Security Incident Post-Mortem — MediumBalancer DNS security incident post-mortem (2023-09) — DNS/BGP attack on EuroDNS registrar, not contributor personaretrieved 2026-05-05
- Balancer Rekt2 — Rekt.newsRekt.news Balancer rekt2 — November 2025 exploit analysis confirming smart contract vulnerability classretrieved 2026-05-05
- Balancer Hack Analysis — Trail of BitsTrail of Bits Balancer hack analysis (2025-11-07) — confirms smart contract vulnerability, not social engineering of teamretrieved 2026-05-05
Methodology #
Determine whether a curator-flagged "team contributor" or "external integrator" persona has ≥$1M of attributed real-capital deposits to the target protocol or peer protocols, potentially used to build credibility ahead of a social-engineering attack.
See the full factor methodology and distribution across all protocols →