defirisk.co
rubric v1.7.0

New contract with similar bytecode to exploit template

Sanctum's assessment for RD-F-094 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No exploit-template contracts targeting Sanctum's SPL stake-pool mechanics or Infinity multi-LST AMM found in public security research. Hacksdatabase grep returns zero Sanctum-specific entries; Rekt leaderboard has no Sanctum entries; DefiLlama protocol page records no incidents in 34-month operating history. The signal does not fire — no exploit-template precedent class exists for Sanctum's architecture.

Sources #

  • URL
    DefiLlama Sanctum EndpointDefiLlama protocol/sanctum — no incidents recordedretrieved 2026-05-04
  • Curator note
    Curator note: This URL points to the curator's own (private/non-existent) RiskProduct repo and was an erroneous self-citation that should not have been recorded as a primary source for protocol assessment. Original URL preserved here as a reference flag. The factors RD-F-078, 079, 080, 087 (governance/admin lineage cluster) should rely on their other source citations; if this was the only source for a factor, that factor must be re-graded with proper third-party evidence (Rocket Pool DAO forum at dao.rocketpool.net, RPIPs repo at github.com/rocket-pool/RPIPs, or governance-admin-analyst re-invocation). [dead-link, original: https://github.com/0x_Abdul/RiskProduct]retrieved 2026-05-06
  • URL
    Rekt LeaderboardRekt leaderboard — no Sanctum entries (data-cache.json sources.rekt.incidents: [])retrieved 2026-05-04

Methodology #

Detect whether a freshly deployed contract has high bytecode similarity to a known exploit template targeting this protocol class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sanctum factor RD-F-094 score green collected_at 2026-05-04 18:49:23