defirisk.co
rubric v1.7.0

DNS/CDN/frontend hash drift

Rocket Pool's assessment for RD-F-105 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Signal applicable: rocketpool.net is the primary frontend (registered 2017-05-16 via Amazon Registrar; expiry 2027-05-16). January 2024 X/Twitter account compromise redirected users to rocketpool-migrating.net — this was an X account compromise plus separate phishing domain, NOT a DNS hijack of rocketpool.net itself. Frontend JS hash monitoring and DNS drift detection not deployed at T-10. No unscheduled DNS drift of rocketpool.net detected in available data.

Sources #

  • URL
    Eulith — RP URL misdirect hackEulith blog — Rocket Pool URL misdirect hack explanation (Jan 2024 X account compromise, not DNS hijack)retrieved 2026-05-04
  • URL
    Rocket Pool domain WHOISrocketpool.net WHOIS — creation: 2017-05-16, registrar: Amazon Registrar, expiry: 2027-05-16retrieved 2026-05-04

Methodology #

Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol rocket-pool factor RD-F-105 score gray collected_at 2026-05-04 15:40:28