DNS/CDN/frontend hash drift
Pendle Finance's assessment for RD-F-105 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
DNS/frontend hash drift signal (v1 phase-2). Threshold: hash of DNS record set, TLS cert, JS bundles, or IPFS CID differs from last-known-good baseline AND no change-management allowlist match. Official domain pendle.finance: nameservers ns49/50.domaincontrol.com, WHOIS last updated 2021-01-27 — consistent with original registration, no evidence of unscheduled DNS change. Confirmed phishing domain pendle-finance.com (registered March 2024, DV SSL) flagged by ScamAdviser — this is a Cat 11 F161 finding (typosquat), not a drift on the official domain. Official frontend posture: clean.
Sources #
- Curator noteCurator note: miller.churchrez.org was a generic third-party WHOIS/site-stats aggregator (not an authoritative WHOIS source) that has gone permanently dead (head_status null, no DNS resolution). The factor RD-F-105 (Cat 7 dev identity / domain authenticity surface) cited this URL for pendle.finance domain age and nameserver evidence. The canonical replacement for WHOIS lookups is ICANN Lookup (https://lookup.icann.org/lookup) or whois.com - but lookups are session-bound and not stable URLs. Recommend re-grading RD-F-105 against the existing co-cited source https://www.scamadviser.com/check-website/pendle-finance.com (which already covers the phishing-detection lens this factor is testing) plus a fresh ICANN lookup at audit time. Original URL preserved here as a reference flag. [dead-link, original: https://miller.churchrez.org/site/pendle.finance/]retrieved 2026-05-06
- pendle-finance.com ScamAdviser Checkpendle-finance.com — confirmed phishing domain, March 2024 registration, flagged by ScamAdviserretrieved 2026-04-29
Methodology #
Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.
See the full factor methodology and distribution across all protocols →