Ignored bounty disclosure

Raydium's assessment for RD-F-008 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Two Immunefi criticals (tick manipulation Jan 2024, liquidity drain Mar 2025) patched promptly before exploitation. Dec 2022 incident was operational key compromise, not an ignored code disclosure. No evidence of any ignored disclosure.

Sources #

URL
Immunefi Raydium liquidity drain fix confirmationImmunefi liquidity drain bugfix reviewretrieved 2026-04-29
URL
Immunefi Raydium tick manipulation fix confirmationImmunefi tick manipulation bugfix reviewretrieved 2026-04-29

Methodology #

Determine whether any prior post-mortem documents a disclosed vulnerability that was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol raydium factor RD-F-008 score green collected_at 2026-04-29 12:31:55