defirisk.co
rubric v1.7.0

Avg attacker reconnaissance time for peer-class protocols

Circle USYC's assessment for RD-F-163 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No prior USYC/Hashnote security incidents (profile section 10: zero incidents). No peer-class comparison data available in hack DB for permissioned RWA token exploits. The USPD 78-day baseline applies to DeFi protocols; for admin-key-compromise class attacks on regulated token issuers, the reconnaissance period may be weeks to months (Bybit class: multi-week build-up; Drift DPRK class: months). Curator derivation from analogous incidents required for a baseline.

Sources #

  • Internal
    circle-usyc profile - no prior incidents00-profile.md section 10 - no security incidents identified for USYC or Hashnote; hack DB grep returned no matchesretrieved 2026-05-16

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol circle-usyc factor RD-F-163 score gray collected_at 2026-05-15 21:56:43