Avg attacker reconnaissance time for peer-class protocols

Sky Lending (formerly MakerDAO)'s assessment for RD-F-163 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

CDP/lending class protocols have average reconnaissance time of 14-30 days based on in-house hack DB analysis of the CDP class. Yellow threshold is 7-29 days. Sky's 2020 incidents were opportunistic/governance-mechanics (no 78-day USPD-class pre-strike documented for Sky specifically). At $5.5B TVL, Sky is tier-1 target; the meaningful recon window warrants yellow to prompt monitoring attention.

Sources #

Curator note
methodology note: 78-day USPD pattern from T-01 evidenceretrieved 2026-04-27
Curator note
T-01 hack DB cluster analysis (hack-db-findings.md)retrieved 2026-04-27
Curator note
00-profile.md §10retrieved 2026-04-27

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sky-lending factor RD-F-163 score yellow collected_at 2026-04-28 00:43:18