Leaked credential on paste/sentry site

Curve Finance's assessment for RD-F-164 — scored not_assessed on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Requires dedicated paste-site monitoring feed (Pastebin, BreachForums, credential dump monitoring). The May 2025 DNS hijack indicates iwantmyname registrar credentials were compromised — that specific credential leak enabled the attack. Whether those credentials or other Curve infra credentials remain on paste sites is not determinable at static dry-run without a licensed credential-monitoring feed (e.g., SpyCloud, HaveIBeenPwned enterprise). Not assessable at this tier.

Sources #

URL
Domain exploit at Curve Finance — registrar intervenesMay 2025 DNS hijack — iwantmyname registrar credentials compromised; attack method still under investigationretrieved 2026-04-28

Methodology #

Determine whether a public paste site, Sentry-alt, or credential-dump references protocol infrastructure endpoints or API keys.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol curve-v2 factor RD-F-164 score not_assessed collected_at 2026-04-28 19:48:40