Days since last exploit

Hyperliquid's assessment for RD-F-080 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Last exploit-class incident: 2025-03-26 (JELLY). Days since: approximately 398 days as of 2026-04-28. Borderline at 12-month (365-day) threshold. Calling yellow conservatively: attacker extracted profit (~$2.76M) and the root-cause class (permissionless listing + thin CEX oracle coverage) is only partially mitigated.

Sources #

URL
https://hyperliquid-co.gitbook.io/wiki/introduction/roadmap/incident/2025-26-03retrieved 2026-04-28
URL
https://www.halborn.com/blog/post/explained-the-hyperliquid-hack-march-2025retrieved 2026-04-28

Methodology #

Measure the number of days between today and the most recent incident for this protocol (0 if an incident is currently active).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-080 score yellow collected_at 2026-04-28 13:58:49