defirisk.co
rubric v1.7.0

Avg attacker reconnaissance time for peer-class protocols

M^0's assessment for RD-F-163 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No peer-class attacker reconnaissance data available for RWA-stablecoin infrastructure protocols (M^0 class). Analogues (Centrifuge, Ondo, Circle/USYC, Superstate) have no documented major exploit history from which reconnaissance timelines could be derived. General DPRK/Lazarus reconnaissance windows range 30-78 days for other protocol classes (Drift: 6 months pre-strike for social engineering; USPD: 78 days) but cannot be directly applied to RWA stablecoin infrastructure without same-class peer evidence.

Sources #

  • Internal
    M0 protocol profile — no peer-class reconnaissance data for RWA stablecoin infrastructureProtocol profile: no M0 incidents; web search found no exploits of comparable RWA-stablecoin protocols (circle-usyc, spiko, superstate, centrifuge). Drift Protocol 78-day/6-month DPRK reconnaissance pattern is different protocol class (Solana perps, not RWA stablecoin).retrieved 2026-05-16

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol m0 factor RD-F-163 score gray collected_at 2026-05-16 09:46:19