Same-root-cause repeat exploit

Polymarket's assessment for RD-F-079 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Nov 2025 phishing (social engineering via comment links) and Dec 2025 auth breach (backend authentication provider) are both auth-surface incidents but have distinct attack vectors and root causes. No same-root-cause cluster repeat at the smart-contract level. Scoring green.

Sources #

URL
Polymarket Nov 2025 phishing incidentNov 2025 phishing — comment section / social engineering vectorretrieved 2026-04-29
URL
Polymarket Dec 2025 auth breachDec 2025 auth breach — third-party provider backend compromise, distinct vectorretrieved 2026-04-29

Methodology #

Determine whether the protocol has been exploited ≥2 times via the same root-cause cluster.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol polymarket factor RD-F-079 score green collected_at 2026-04-29 16:25:39