defirisk.co
rubric v1.7.0

Leaked credential on paste/sentry site

Orca's assessment for RD-F-164 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Leaked credential on paste/sentry site. No leaked credential incident for Orca infrastructure identified in public sources. SECURITY.md directs to Immunefi. No HaveIBeenPwned-style public report of credential dump for orca.so or dev.orca.so. Paste monitoring feed (PasteHunter/GitHub secret scanner continuous) not executed in T-10 static run.

Sources #

  • URL
    Orca SECURITY.md — Immunefi-only disclosure, no credential leak indicatorshttps://github.com/orca-so/whirlpools/blob/main/SECURITY.mdretrieved 2026-05-16
  • Curator note
    T-10 static gap — paste monitoring feedPaste monitoring feed not executed in T-10 static mode; no public report of Orca credential dump found; HaveIBeenPwned and GitHub secret scanner results not availableretrieved 2026-05-16

Methodology #

Determine whether a public paste site, Sentry-alt, or credential-dump references protocol infrastructure endpoints or API keys.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol orca factor RD-F-164 score gray collected_at 2026-05-16 02:39:16