Contributor paid to DPRK-cluster wallet

Raydium's assessment for RD-F-122 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No contributor wallet address publicly linked to any Raydium team member identified. No on-chain payment path to a DPRK-labeled cluster identified. The Drift Protocol April 2026 DPRK exploit used Raydium pools as execution infrastructure (attacker-created fake token seeded a Raydium pool), but this is adversarial use of open protocol — not a payment from Raydium to a DPRK cluster. No public reporting (TRM, Chainalysis, ZachXBT) links any Raydium contributor wallet to DPRK cluster.

Sources #

URL
North Korean Hackers Attack Drift Protocol In USD 285 Million Heist | TRMTRM Labs — Drift Protocol DPRK hack. Raydium used as execution venue, not team proximity.retrieved 2026-04-29
URL
Lessons from the Drift Hack | ChainalysisChainalysis — Drift hack lessons. No Raydium team DPRK link.retrieved 2026-04-29

Methodology #

Determine whether protocol payments to any contributor wallet have an on-chain path ≤3 hops to a known DPRK-labeled cluster.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol raydium factor RD-F-122 score green collected_at 2026-04-29 12:31:55