Real-capital social-engineering persona

Curve Finance's assessment for RD-F-184 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No evidence of a team contributor or external integrator persona with >=USD 1M of real-capital deposits used to build credibility ahead of social-engineering attack on Curve. Both major Curve incidents (July 2023 Vyper compiler exploit; August 2022 DNS hijack) were technical/infrastructure attacks — not insider social engineering. The Drift Protocol reference case for F184 (DPRK UNC4736 real-capital persona, 6-month build-up) has no analogous evidence at Curve. Egorov's personal $85-100M CRV-backed loans were personal finance, not a social-engineering setup.

Sources #

URL
August 10 2022: Curve Frontend Hacked | Curve SubstackCurve August 2022 DNS hijackretrieved 2026-04-28
URL
$285M Drift Hack Traced to Six-Month DPRK Social Engineering | The Hacker NewsDrift DPRK social engineering — F184 reference clusterretrieved 2026-04-28
URL
Curve Pool Reentrancy Exploit Postmortem | LlamaRiskCurve July 2023 postmortem — technical exploitretrieved 2026-04-28

Methodology #

Determine whether a curator-flagged "team contributor" or "external integrator" persona has ≥$1M of attributed real-capital deposits to the target protocol or peer protocols, potentially used to build credibility ahead of a social-engineering attack.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol curve-v2 factor RD-F-184 score green collected_at 2026-04-28 19:48:40