New contract with similar bytecode to exploit template

Yearn Finance's assessment for RD-F-094 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

New contract deployment with similar bytecode to Yearn protocol target. Applicable: V3 VaultFactory create2 deployments produce identifiable bytecode patterns; exploit 3 (yETH 2023-11) used helper contracts that self-destructed to erase bytecode. No new similar-bytecode deploy targeting Yearn identified via public sources as of 2026-05-16. Requires on-chain bytecode sweep. production pipeline signal not yet implemented.

Sources #

Curator note
T-09 v2-deferred note for similar-bytecode signalT-09 §3.3: F104 (new contract with similar bytecode) overlaps F96 and is v2-deferred pending exploit-template DB.retrieved 2026-05-16
Internal
Yearn rekt3 hacksdatabase — attacker helper contract patternhacksdatabase/hacks/yearn-rekt3.md: 'Helper contracts deployed minutes before the attack handled the heavy lifting, then self-destructed to erase bytecode.' Pattern: similar-bytecode helper contracts could be detectable pre-self-destruct.retrieved 2026-05-16

Methodology #

Detect whether a freshly deployed contract has high bytecode similarity to a known exploit template targeting this protocol class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol yearn-finance factor RD-F-094 score gray collected_at 2026-05-16 08:34:32