Avg attacker reconnaissance time for peer-class protocols

Dolomite's assessment for RD-F-163 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

For the March 2024 Dolomite exploit: attacker wallet funded from Tornado Cash relayer (reltor.eth, 0x4750BCfcC340AA4B31be7e71fa072716d28c29C5) 12 days before the March 20, 2024 strike (funding approximately March 8). Reconnaissance window: 12 days. This is a focused pre-strike funding pattern — shorter than USPD 78-day class reconnaissance but longer than same-day flash-loan attacks. The exploit targeted a legacy contract with stale approvals (passive reconnaissance via blockchain history reading), not active mempool probing. Yellow: non-zero reconnaissance window confirmed; shorter than USPD class, suggesting an opportunistic rather than nation-state-class attack against the legacy surface.

Sources #

URL
Hacker Exploits Flaw in Dolomite Project, Steals $1.8M in USDCCryptoTimes: Dolomite hacker exploits flaw, $1.8M stolen in USDCretrieved 2026-05-16
URL
Exploits on Layerswap and Dolomite Lead to Major LossesCoinPaper: attacker wallet funded from Tornado Cash relayer 12 days before Dolomite exploitretrieved 2026-05-16

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dolomite factor RD-F-163 score yellow collected_at 2026-05-16 11:12:56