defirisk.co
rubric v1.7.0

Prior known-ignored disclosure

GMX v2 (GMX Synthetics)'s assessment for RD-F-177 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No evidence found that a disclosed vulnerability was reported to GMX and ignored before exploitation. The July 2025 v1 reentrancy was introduced by an unintended side-effect of a 2022 security patch (confirmed by PeckShield analysis) — not a case of a known-but-ignored disclosure. The 2022 Collider VC bug ($0 loss, bounty paid) demonstrates the team acted promptly on a reported vulnerability. Abracadabra March 2025 was Abracadabra's own bug. No post-mortem or third-party report documents a 'reported to GMX and ignored' pattern. Score = green.

Sources #

  • URL
    https://www.halborn.com/blog/post/explained-the-gmx-hack-july-2025retrieved 2026-05-05

Methodology #

Determine whether evidence exists in prior-incident post-mortems that a disclosed vulnerability was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol gmx-v2 factor RD-F-177 score green collected_at 2026-05-05 11:15:06