Prior exploit count

Dolomite's assessment for RD-F-077 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

One confirmed incident: 2024-03-20, approximately $1.8M (1,245,271 USDC + 94,423 DAI + 165.9 WETH) from 187 victims. Legacy pre-2020 Ethereum contract (DolomiteMarginProtocol, address starting 0xe2466) exploited via stale approvals through Loopring Trade Delegate and missing reentrancy guard in OrderHelper.check(). Current v2 system unaffected. Full user restitution: 90% recovered from exploiter by 2024-03-24, 10% covered by Dolomite treasury; all users made whole by 2024-03-26. Hacksdatabase: no Dolomite entry. Rekt: incidents: []. One exploit with full recovery = yellow.

Sources #

URL
Legacy Smart Contract Vulnerability: Post Mortem AnalysisDolomite Legacy Smart Contract Vulnerability Post Mortem Analysis — Corey Caplan, published 2024-03-29retrieved 2026-05-16
URL
2024 Dolomite Hack: Check If You're AffectedRevoke.cash Dolomite exploit page — deprecated contract 0xe2466 identificationretrieved 2026-05-16

Methodology #

Count the number of distinct incidents in the hack database affecting this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dolomite factor RD-F-077 score yellow collected_at 2026-05-16 11:12:56