defirisk.co
rubric v1.7.0

Leaked credential on paste/sentry site

SUNSwap (sun.io)'s assessment for RD-F-164 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No credential leak for sunswap/sun.io infra detected in publicly available sources. Absence of a bug bounty program (not found on Immunefi, HackerOne, Bugcrowd per profile §9) may mean credentials/vulnerabilities leak to paste sites without whitehad incentive to report. Requires paste-site/Sentry credential-dump feed subscription not accessible via web search alone.

Sources #

  • Internal
    SUNSwap profile - bug bounty gap.research/protocols/sunswap/00-profile.md §9 bug bounty not found on Immunefi HackerOne Bugcrowdretrieved 2026-05-17

Methodology #

Determine whether a public paste site, Sentry-alt, or credential-dump references protocol infrastructure endpoints or API keys.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sunswap factor RD-F-164 score gray collected_at 2026-05-17 14:37:31