defirisk.co
rubric v1.7.0

Ignored bounty disclosure

Chainlink CCIP's assessment for RD-F-008 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No known protocol exploits for CCIP (profile §10 confirms zero incidents). No post-mortem exists. Cannot assess ignored disclosure without any prior incident.

Sources #

  • Internal
    CCIP Protocol Profile §10 Known Incidents.research/protocols/chainlink-ccip/00-profile.md §10 — confirmed zero CCIP incidentsretrieved 2026-05-16

Methodology #

Determine whether any prior post-mortem documents a disclosed vulnerability that was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-008 score gray collected_at 2026-05-16 01:55:09