★ Deployer linked within 3 hops to DPRK/Lazarus
Dolomite's assessment for RD-F-125 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
[CRITICAL] Zero evidence of DPRK/Lazarus/Lazarus-cluster proximity for deployer, Safe signer EOAs, or named team members. Search 'Dolomite OR Corey Caplan OR Adam Knuckey DPRK OR Lazarus OR North Korea' returned only generic Lazarus/DPRK news articles with no Dolomite connection. Corey Caplan is a publicly announced advisor at World Liberty Financial (US presidential family-aligned DeFi project, Sep 2024) and Consensus 2025 speaker - profile is inconsistent with DPRK infiltration pattern. The March 2024 legacy-contract exploit was confirmed external attacker (stale approval reentrancy on pre-2020 contract deprecated 2022), NOT insider/DPRK action per protocol context note U4. OFAC SDN list does not include Dolomite, Leavitt Innovations, or named founders. Chainalysis published DPRK reports do not mention Dolomite. Confidence: medium (3-hop mechanical trace blocked by Arbiscan 403; negative evidence is unambiguous across all open sources).
Sources #
- URLOFAC SDN List - no Dolomite/Caplan/Knuckey entryWeb search 'Dolomite OR Caplan OR Knuckey DPRK OR Lazarus OR North Korea' - no results connecting Dolomite team to DPRK clusterretrieved 2026-05-16
- Dolomite Security Exploit - external attacker confirmedCryptoBriefing incident report confirming March 2024 exploit was external attacker on legacy contract - NOT insider/DPRK actionretrieved 2026-05-16
- WLFI X post - Caplan as US-aligned DeFi advisorWorld Liberty Financial X post naming Corey Caplan as advisor - US-aligned public profile inconsistent with DPRK infiltrationretrieved 2026-05-16
Methodology #
Determine whether the deployer address has an on-chain path of ≤3 hops to a Chainalysis/OFAC DPRK-labeled cluster address.
See the full factor methodology and distribution across all protocols →