Same-root-cause repeat exploit

PancakeSwap's assessment for RD-F-079 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Only 1 confirmed on-chain pool incident (BCE/USDT 2025; root cause: malicious fee-on-transfer token). No second incident with same root-cause cluster. DNS hijack (2021) and X hack (2025) share a social-engineering/account-compromise class but are off-chain and caused no on-chain fund loss. No same-root-cause repeat exploit.

Sources #

URL
PancakeSwap BCE/USDT Pool ExploitBCE/USDT exploit (2025) — fee-on-transfer token classretrieved 2026-04-28

Methodology #

Determine whether the protocol has been exploited ≥2 times via the same root-cause cluster.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol pancakeswap factor RD-F-079 score green collected_at 2026-04-28 19:10:57