defirisk.co
rubric v1.7.0

Known-exploit function-selector replay

Chainlink CCIP's assessment for RD-F-095 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No prior exploit of CCIP exists in the hack database; therefore no known-exploit selector replay template exists for CCIP specifically. CCIP has 0 protocol exploits in 34 months of operation. Wormhole-class (ecrecover zero-address) and Nomad-class (bytes32(0) root) templates do not apply to CCIP's distinct OCR + RMN architecture. Factor is not applicable by construction — it requires a prior exploit to generate a template.

Sources #

  • Internal
    Chainlink CCIP profile — incidents section.research/protocols/chainlink-ccip/00-profile.md §10 — confirmed zero protocol exploits; hack DB grep returned 15 files all referencing price feed manipulations, not CCIP lane exploitsretrieved 2026-05-16

Methodology #

Detect whether a call-pattern matches a known-exploit replay template (specific selector sequence and calldata shape) against this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-095 score not_applicable collected_at 2026-05-16 01:55:09