defirisk.co
rubric v1.7.0

Same-root-cause repeat exploit

Uniswap (v2 + v3)'s assessment for RD-F-079 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Zero direct protocol exploits. Same-root-cause repeat is structurally impossible at 0 incidents. The V2 TWAP consumer pattern (multiple downstream protocols misusing V2 TWAP) does not constitute a V2 protocol failure repeat per the scoping instruction. Combined: green.

Detail #

Same-root-cause repeat requires ≥2 incidents with matching root-cause cluster. With zero direct protocol exploits on V2 or V3, the condition cannot be met. The scoping instruction explicitly states F079 does NOT fire for this protocol. The V2 TWAP oracle consumer failure pattern (Visor Finance Dec 2021, Inverse Finance Apr 2022 and Jun 2022) involves three separate consumer protocols each failing to validate oracle manipulation cost — but these are failures of consumer codebases, not V2. V2's TWAP accumulator worked as designed in all three cases. Score: green.

Sources #

  • URL
    Rekt.news leaderboardRekt.news — no Uniswap protocol entries; same-root-cause check moot at 0 incidentsretrieved 2026-05-11
  • URL
    DeFiLlama HacksDeFiLlama hacks — no Uniswap V2/V3 entriesretrieved 2026-05-11

Methodology #

Determine whether the protocol has been exploited ≥2 times via the same root-cause cluster.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol uniswap factor RD-F-079 score green collected_at 2026-05-12 10:36:11