DNS/CDN/frontend hash drift

PancakeSwap's assessment for RD-F-105 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Elevated historical risk posture. 2021 GoDaddy DNS hijack confirmed (CoinDesk, Mar 2021) — direct compromise of pancakeswap.finance DNS through GoDaddy account takeover. Domain has since migrated to MarkMonitor (enterprise-grade registrar, Fortune 500 standard, substantially higher security than GoDaddy consumer tier). No current DNS drift detected. Active typosquat ecosystem: web2.pancake.run is a live drainer portal flagged by 14 security vendors as of 2026. Monitoring infrastructure (phase-2 signal) not yet deployed. Domain registrar improvement is material mitigation, but ongoing typosquat activity and historical precedent warrant yellow.

Sources #

URL
pancakeswap.finance registrar: MarkMonitor Inc.webchart.org domain registrar inforetrieved 2026-04-28
URL
web2.pancake.run — active crypto drainer portal (14 vendor flags, 2026)phishdestroy.io typosquat drainerretrieved 2026-04-28
URL
DeFi Projects Cream Finance, PancakeSwap Hit With DNS HijacksCoinDesk 2021 DNS hijackretrieved 2026-04-28

Methodology #

Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol pancakeswap factor RD-F-105 score yellow collected_at 2026-04-28 19:10:57