Prior known-ignored disclosure

Hyperliquid's assessment for RD-F-177 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No evidence found in post-mortems or public reporting that a disclosed vulnerability was ignored before being exploited. The JELLY attack was a novel economic attack vector, not a previously-disclosed-then-ignored bug. The DPRK flag (Dec 2024) was an external researcher alert that Hyperliquid Labs acted on by deploying screening tooling. No pattern of ignored disclosures identified.

Sources #

URL
https://blockworks.com/news/hyperliquid-security-fuels-decentralization-concernsretrieved 2026-04-28
URL
https://www.coindesk.com/markets/2024/12/23/hyper-liquid-sees-record-60-m-in-usdc-flee-as-north-korea-said-to-be-probing-perpetuals-exchangeretrieved 2026-04-28
URL
https://hyperliquid-co.gitbook.io/wiki/introduction/roadmap/incident/2025-26-03retrieved 2026-04-28

Methodology #

Determine whether evidence exists in prior-incident post-mortems that a disclosed vulnerability was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-177 score green collected_at 2026-04-28 13:58:49