★ Deployer linked within 3 hops to DPRK/Lazarus

M^0's assessment for RD-F-125 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

GREEN — critical factor. 3-hop chain from deployer terminates at Coinbase 3 (regulated US exchange, no OFAC SDN or Lazarus label). OFAC SDN web search for named founders and deployer EOA: no hits. Web search 'M^0 OR MZero OR Luca Prosperi DPRK OR Lazarus OR North Korea': zero relevant results. Note: U4 guard applied — attacker using M0 as a drain venue does not constitute team DPRK linkage (no Cat 5 incident on M0 of this type). Confidence: medium-high at OSINT tier. No paid Chainalysis/Arkham cluster feed consulted; paid-feed check would be the authoritative confirmation. No escalation to orchestrator required.

Sources #

URL
M^0 Protocol — DPRK search negative (no adverse results)DPRK/Lazarus web search — zero relevant results for M0/MZero/Prosperi DPRK associationretrieved 2026-05-16
Etherscan
Intermediate Funder EOA — Funded By Coinbase 3Intermediate EOA funded by Coinbase 3 — 2-hop from deployer; Coinbase 3 is not OFAC/Lazarus-labeledretrieved 2026-05-16

Methodology #

Determine whether the deployer address has an on-chain path of ≤3 hops to a Chainalysis/OFAC DPRK-labeled cluster address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol m0 factor RD-F-125 score green collected_at 2026-05-16 09:46:19