defirisk.co
rubric v1.7.0

Attacker wallet pre-strike probe (low-gas failing txs)

Raydium's assessment for RD-F-159 — scored not_assessed on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cat 11 threat intel signal (v1-deferred). Solana equivalent of mempool probe: failed transactions or compute-unit-exhausting transactions from threat-actor wallets targeting Raydium core instruction set. The Drift DPRK attack used successful transactions (wash trades, pool seeding) on Raydium, not failing probe transactions. No Solana-equivalent mempool-probe pattern from threat-actor wallets identified against Raydium core programs (AMM v4: 675kPX9..., CLMM: CAMMCzo5..., CPMM: CPMMoo8...) at assessment date. Requires partner feed + Solana RPC subscription for production monitoring.

Sources #

  • URL
    $285M Gone in 12 Minutes — Crypto TimesDrift April 2026: DPRK used successful transactions (CVT pool seeding, wash trading) on Raydium — no failing probe transactions against Raydium programs identifiedretrieved 2026-04-29
  • Etherscan
    Raydium AMM v4 Program — SolscanRaydium AMM v4 program: 675kPX9MHTjS2zt1qfr1NYHuzeLXfQM9H24wFSUt1Mp8 (Solscan); no anomalous failing transaction patterns observedretrieved 2026-04-29

Methodology #

Detect whether a wallet in a threat-actor cluster is sending low-gas or intentionally-failing transactions to this protocol (pre-strike reconnaissance pattern).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol raydium factor RD-F-159 score not_assessed collected_at 2026-04-29 12:31:55