Known-threat-actor cluster has touched protocol

stHYPE (Valantis Labs)'s assessment for RD-F-158 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Known-threat-actor wallet cluster touches protocol (T-09 v1, phase 2, tier C). Applicable on HyperEVM surface. No DPRK/Lazarus-labeled wallet interaction with stHYPE HyperEVM contracts found in public OSINT. Web searches for Valantis/stHYPE + Lazarus/DPRK returned no hits. Drift Protocol April 2026 DPRK exploit and Hyperliquid JELLY/HLP episode are ecosystem events that do not implicate stHYPE team addresses (U22 disambiguation applied). Requires Chainalysis/TRM cluster feed on HyperEVM not available at assessment time.

Sources #

URL
Valantis stHYPE documentationstHYPE profile §10 — U22 disambiguation: Hyperliquid ecosystem incidents not stHYPE incidentsretrieved 2026-05-17
URL
Decrypt — LayerZero pins KelpDAO hack on Lazarus (no stHYPE mention)OSINT search — no Valantis/stHYPE + DPRK/Lazarus connection found in public reportingretrieved 2026-05-17

Methodology #

Detect whether an address from the curator-maintained threat-actor cluster (past exploiters, labeled attacker families) interacted with this protocol in the last 30 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol staked-hype factor RD-F-158 score gray collected_at 2026-05-17 13:02:38