Real-capital social-engineering persona

Yearn Finance's assessment for RD-F-184 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

The Coordinape/Keller DPRK incident (CoinDesk Oct 2024) is the closest known comparator to an F184 social-engineering persona at Yearn. However: (a) Keller's access was restricted to Coordinape, a peripheral payroll coordination tool, not the V3/V2 vault protocol itself; (b) no evidence of >=1M real-capital deposits to Yearn vaults attributed to a social-engineering persona has been publicly documented; (c) F184 requires curator-flagged persona with >=1M real-capital credentialing via cross-source verification not completed. The Drift/UNC4736 comparator involved a higher-confidence, protocol-specific embedding. This assessment is gray pending curator investigation. No red finding warranted at this time.

Sources #

URL
How North Korea Infiltrated the Crypto IndustryCoinDesk DPRK investigation (Yahoo Finance mirror) — Coordinape/Keller incident; banteg confirmation of restricted access; closest F184 comparator at Yearnretrieved 2026-05-16

Methodology #

Determine whether a curator-flagged "team contributor" or "external integrator" persona has ≥$1M of attributed real-capital deposits to the target protocol or peer protocols, potentially used to build credibility ahead of a social-engineering attack.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol yearn-finance factor RD-F-184 score gray collected_at 2026-05-16 08:34:32