Same-root-cause repeat exploit

Save (formerly Solend)'s assessment for RD-F-079 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Two confirmed incidents have distinct root-cause clusters: (1) Aug 2021 — Solana program account ownership validation failure (access-control / insecure authentication check class); (2) Nov 2022 — single-source oracle price manipulation via thin-liquidity DEX pool (oracle manipulation class). No same-root-cause repeat.

Sources #

URL
2022 Solana Hacks Explained: SolendAckee Blockchain — Nov 2022 oracle manipulation root cause (distinct attack class)retrieved 2026-05-17
URL
Solend Protocol — Hacker Attempts To Steal ~$2M By Manipulating Core ParametersHackMD analysis — Aug 2021 insecure auth check root causeretrieved 2026-05-17

Methodology #

Determine whether the protocol has been exploited ≥2 times via the same root-cause cluster.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-079 score green collected_at 2026-05-17 15:20:15