Protocol-impersonator domain registered (typosquat)

Rocket Pool's assessment for RD-F-161 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

F161 registration-date-to-assessment-date delta (explicit): Official domain rocketpool.net registered 2017-05-16; assessment date 2026-05-04; domain age = 8 years 11 months 18 days (long-established, no risk). Confirmed phishing domain: rocketpool-migrating.net used in January 2024 X account compromise attack. Delta from confirmed phishing domain creation (approx Jan 2024) to assessment (May 2026) = approximately 16 months — outside the strict 90-day factor window. However: (1) brand impersonation is an elevated risk for top-20 DeFi protocols; (2) prior confirmed campaign demonstrates active targeting; (3) domain monitoring not configured at T-10 so no 90-day confirmation available. Scored yellow: elevated brand-attack surface confirmed by prior event; no production monitoring to confirm or deny current 90-day registrations.

Sources #

URL
rocketpool.net WHOISrocketpool.net WHOIS — creation date 2017-05-16, Amazon Registrar, expiry 2027-05-16retrieved 2026-05-04
URL
https://crypto.news/rocket-pools-x-account-compromised/retrieved 2026-05-06
URL
Eulith — RP URL misdirect hackEulith — rocketpool-migrating.net phishing domain used in Jan 2024 X account compromiseretrieved 2026-05-04

Methodology #

Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol rocket-pool factor RD-F-161 score yellow collected_at 2026-05-04 15:40:28