defirisk.co
rubric v1.7.0

Flash loan >$10M targeting protocol tokens

Meteora's assessment for RD-F-100 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cat 6B exploit-in-progress signal (T-09 v1 phase-2 signal). No flash-loan-class attack against Meteora programs identified. Solana does not have EVM-equivalent atomic flash loan primitives (Aave/Balancer flashLoan), though composable transactions within a single Solana transaction can achieve similar effects. Meteora DLMM pools are not flash loan sources in the EVM sense. No documented composability-exploit targeting Meteora programs in the hacks database or public sources. The LIBRA token collapse involved liquidity manipulation by alleged insiders, not an external flash-loan attack.

Sources #

  • Internal
    Meteora 00-profile.md section 10 (Known incidents)00-profile.md §10: No Meteora or Mercurial smart-contract exploits found in hacks database (grep returned zero results). Rekt incidents: []. DefiLlama hacks: [].retrieved 2026-05-16
  • URL
    Meteora on Solana: Project Review, Programs, Token, MetricsSolanaCompass Meteora project listing: no flash-loan exploit documented; Meteora has 0 contract exploits in the hacks DB per profile §10retrieved 2026-05-16

Methodology #

Detect whether a flash loan >$10M denominated in protocol tokens or LP tokens has originated, likely to interact with this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol meteora factor RD-F-100 score green collected_at 2026-05-16 10:03:05