Real-capital social-engineering persona

dYdX v4 (dYdX Chain)'s assessment for RD-F-184 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No curator-flagged evidence of a team contributor or external integrator persona deploying >=1M USDC/USD real capital to dYdX Chain to build credibility ahead of a social-engineering attack. The Feb-2026 npm/PyPI attack vector was external credential theft against package registries -- not a 6-month social-engineering capital-deployment buildup (the Drift/UNC4736-class pattern that motivates this factor). F184 is a P1 manual (M) curation factor requiring curator OSINT confidence beyond on-chain trail. No positive evidence of the Drift-class pattern. Scored gray (requires_curator_input) pending curator review. Comparator: Drift Protocol (the F184 motivating case) suffered confirmed 6-month in-person social-engineering with >=1M real capital deposits; no analogous pattern identified for dYdX v4.

Sources #

URL
Malicious dYdX Packages Published to npm and PyPI After Main Account CompromiseSocket.dev attack analysis -- credential theft vector, not social-engineering capital-deployment patternretrieved 2026-05-17
URL
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT MalwareHacker News -- npm/PyPI attack details, external credential theftretrieved 2026-05-17

Methodology #

Determine whether a curator-flagged "team contributor" or "external integrator" persona has ≥$1M of attributed real-capital deposits to the target protocol or peer protocols, potentially used to build credibility ahead of a social-engineering attack.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dydx-v4 factor RD-F-184 score gray collected_at 2026-05-17 09:58:47