Avg attacker reconnaissance time for peer-class protocols

stHYPE (Valantis Labs)'s assessment for RD-F-163 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Attacker wallet reconnaissance time before strike (analytical/contextual factor). No prior exploits against stHYPE contracts. For peer-class LST protocols on Hyperliquid, the Drift Protocol April 2026 DPRK exploit (adjacent Hyperliquid ecosystem, $285M) and JELLY/HLP episode (March 2025, Hyperliquid L1) confirm that DPRK/sophisticated actors target Hyperliquid-adjacent protocols. HyperCore opacity limits visibility of reconnaissance at the stake-account level. No stHYPE-specific reconnaissance detected but ecosystem context elevates the prior probability. Yellow: elevated ecosystem reconnaissance risk without stHYPE-specific confirmation.

Sources #

Internal
stHYPE protocol profile — U22 disambiguation and HyperCore opacity note.research/protocols/staked-hype/00-profile.md §10 U22 — Hyperliquid ecosystem incidents not stHYPE incidents; HyperCore opacity limits recon visibilityretrieved 2026-05-17
URL
Drift $285M Exploit — DPRK attribution, Hyperliquid ecosystemDrift Protocol April 2026 DPRK exploit — $285M, adjacent Hyperliquid ecosystem protocolretrieved 2026-05-17

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol staked-hype factor RD-F-163 score yellow collected_at 2026-05-17 13:02:38