defirisk.co
rubric v1.7.0

Chronic-exploit flag (≥3 incidents)

An operational history factor in the v1.7.0 rubric. Measured per protocol on a e cadence.

Methodology: how we score

**What this measures** This factor is a Boolean flag triggered when the prior exploit count (RD-F-077) reaches three or more distinct incidents. It is derived deterministically from the hacks database without curator judgment. The chronic flag is the direct input to the CHRONIC badge assignment under rubric v1.7.0, which requires at least three incidents with at least two occurring post-disclosure of the root cause.

**Why it matters** A protocol with three or more exploits has crossed the threshold from isolated security failure into systemic security deficiency. In the dataset, protocols with three or more incidents share a common profile: incomplete remediation after each incident, failure to commission comprehensive re-audits, and in several cases the same vulnerability class reused across incidents. Platypus Finance suffered three incidents in eight months; Yearn Finance vault iterations were exploited under related logic patterns across years. The chronic flag exists because rubric v1.7.0 cannot treat this pattern the same as a single clean incident with full remediation.

**Green / Yellow / Red**

- Green: protocol has two or fewer prior exploits.
- Yellow: this field has no distinct yellow state; it is Boolean. The yellow gradation for exploit count lives in RD-F-077.
- Red: three or more prior exploits, triggering the chronic flag regardless of whether same-root-cause applies.

**Common gray cases** Protocols that share a codebase with a separately branded sister protocol may dispute whether incidents on nominally separate deployments count toward one protocol's chronic flag. The curator must establish a consistent protocol-boundary definition and apply it uniformly across all assessments.

**Notable historical examples**

- **Compound Finance** ($147M, 2021): Multiple governance-related incidents across years representing a systemic upgrade-process weakness.
- **Platypus Finance** ($8.5M, 2023): Three incidents in eight months, each exploiting variations of the same collateral accounting pattern.
- **Yearn Finance** ($11M, 2021): Multiple vault exploit incidents across different product lines; chronic flag applies.
- **Value DeFi** ($7M, 2020): Multiple incidents within a short window; chronic flag applies.

Measurement: what to look for

Determine whether the protocol has ≥3 distinct incidents in the hack database.

Data & output

- **Data source:** In-house hack DB (derived from F077 count)
- **Output format:** Green / Yellow / Red
- **Evidence artifact:** Incident count from F077
- **Confidence signal:** green = <3 incidents; red = ≥3 incidents (chronic flag); gray = hack DB not checked
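
An added example, not defirisk.co's own code, of the deterministic derivation this factor describes: distinct incidents are counted after folding sister deployments into one protocol boundary, an unchecked hack DB yields gray, and the CHRONIC badge additionally requires two incidents dated after a disclosure date. The record layout, the boundary map, the disclosure-date lookup and every sample row are assumptions constructed for illustration.

```python
from datetime import date

# Hypothetical protocol-boundary map: sister deployments sharing a codebase are
# folded into one canonical protocol, applied uniformly to every assessment.
BOUNDARY = {"exampleswap-fork": "exampleswap"}

# Constructed sample rows: (incident_id, protocol, incident_date).
HACK_DB = [
    ("H-001", "exampleswap", date(2023, 1, 10)),
    ("H-002", "exampleswap-fork", date(2023, 4, 2)),
    ("H-002", "exampleswap-fork", date(2023, 4, 2)),  # duplicate row, same incident
    ("H-003", "exampleswap", date(2023, 8, 20)),
    ("H-004", "samplelend", date(2024, 2, 1)),
]

# Constructed: date on which each protocol's root cause was publicly disclosed.
DISCLOSED = {"exampleswap": date(2023, 2, 1)}


def canonical(name):
    """Map a deployment name onto its protocol boundary."""
    key = name.lower()
    return BOUNDARY.get(key, key)


def distinct_incidents(protocol, db):
    """Distinct incidents (id -> date) for a protocol after boundary folding."""
    target = canonical(protocol)
    return {iid: when for iid, name, when in db if canonical(name) == target}


def chronic_flag(protocol, db):
    """Factor state: gray if the hack DB was not checked, red at >=3, else green."""
    if db is None:
        return "gray"
    return "red" if len(distinct_incidents(protocol, db)) >= 3 else "green"


def chronic_badge(protocol, db, disclosed):
    """CHRONIC badge: >=3 incidents with >=2 of them dated after disclosure."""
    if chronic_flag(protocol, db) != "red":
        return False
    cutoff = disclosed.get(canonical(protocol))
    if cutoff is None:  # no disclosure date on record: badge cannot be shown
        return False
    after = [d for d in distinct_incidents(protocol, db).values() if d > cutoff]
    return len(after) >= 2
```

The flag depends only on the distinct-incident count, so a protocol can be red on this factor without earning the badge when fewer than two incidents follow the disclosure date.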

Scored protocols: 80 carry this factor

| Protocol | Chain | RD-F-078 |
| --- | --- | --- |
| Aave v3 | ethereum | red |
| Across Protocol | ethereum | gray |
| Aerodrome Finance | base | yellow |
| Axelar Network | ethereum | green |
| Babylon Protocol | bitcoin | green |
| Balancer (v2 + v3) | ethereum | red |
| Beefy Finance | ethereum | not_applicable |
| BENQI | avalanche | green |
| BlackRock USD Institutional Digital Liquidity Fund (BUIDL) | ethereum | green |
| Cap (cUSD / stcUSD) | ethereum | green |
| Centrifuge | ethereum | green |
| Chainlink CCIP | ethereum | green |
| Circle USYC | binance | green |
| Compound V3 (Comet) | ethereum | green |
| Concrete | ethereum | green |
| Convex Finance | ethereum | green |
| crvUSD (Curve Stablecoin) | ethereum | not_applicable |
| Curve Finance | ethereum | green |
| deBridge | ethereum | green |
| Dolomite | ethereum | green |
| dYdX v4 (dYdX Chain) | dydx | green |
| EigenLayer | ethereum | not_assessed |
| Ethena | ethereum | not_assessed |
| ether.fi | ethereum | not_assessed |
| Euler V2 | ethereum | not_assessed |
| Falcon Finance | ethereum | not_assessed |
| Fluid | ethereum | green |
| Frax Finance | ethereum | green |
| GMX v2 (GMX Synthetics) | arbitrum | not_assessed |
| Hyperlane | ethereum | green |
| Hyperliquid | arbitrum | green |
| Jito | solana | not_assessed |
| Jupiter | solana | green |
| Jupiter Perpetual Exchange | solana | green |
| JustLend DAO | tron | green |
| Kamino Lend | solana | green |
| Kinetiq | hyperliquid | green |
| Lido | ethereum | not_assessed |
| Liquid Collective (LsETH) | ethereum | green |
| Liquity V1 + V2 (LUSD / BOLD) | ethereum | green |
| Lista DAO | bsc | green |
| Lombard Finance | ethereum | not_assessed |
| M^0 | ethereum | green |
| Maple Finance | ethereum | green |
| Marinade Finance | solana | green |
| Meteora | solana | green |
| mETH Protocol | ethereum | green |
| Midas | ethereum | green |
| Morpho V1 (Morpho Blue + MetaMorpho) | ethereum | green |
| Multipli | ethereum | green |
| Ondo Finance | ethereum | gray |
| OpenEden | ethereum | green |
| Orca | solana | green |
| PancakeSwap | bsc | green |
| Pendle Finance | ethereum | green |
| Polymarket | polygon | green |
| QuickSwap | polygon | green |
| Raydium | solana | green |
| Rocket Pool | ethereum | green |
| Sanctum | solana | green |
| Save (formerly Solend) | solana | green |
| Sky Lending (formerly MakerDAO) | ethereum | green |
| Spark Protocol | ethereum | green |
| Spiko | stellar | green |
| Stake DAO | ethereum | green |
| StakeWise v3 | ethereum | green |
| Stargate Finance | ethereum | gray |
| stHYPE (Valantis Labs) | hyperliquid | green |
| SUNSwap (sun.io) | tron | green |
| Superstate | ethereum | green |
| Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap | ethereum | red |
| Symbiotic | ethereum | green |
| Synapse Protocol | ethereum | yellow |
| Uniswap (v2 + v3) | ethereum | green |
| USDD (Decentralized USD) | tron | green |
| Usual (USD0 / bUSD0 / USUAL) | ethereum | green |
| Veda (BoringVault) | ethereum | green |
| Venus Protocol | bsc | red |
| Wormhole | ethereum | gray |
| Yearn Finance | ethereum | red |

Linked hacks: 17 historical incidents

- **Venus Protocol** (causal) · 2026-03-15 · $4M · Donation Attack → Supply Cap Bypass → Collateral Inflation → Recursive Borrow Loop · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **Odin.Fun** (causal) · 2025-08-12 · $7M · AMM Liquidity Manipulation (Governance Token Price Pump + Drain) · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **AlexLab (Bitcoin DeFi / Stacks)** (causal) · 2025-06-06 · $16M · Vault permission hijack via malicious token self-listing; `as-contract` context abuse · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Abracadabra Money** (causal) · 2025-03-25 · $13M · Logic bug — phantom collateral / post-liquidation state inconsistency · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Radiant Capital** (causal) · 2024-10-16 · $53M · Compromised multisig private keys → malicious contract upgrade → pool ownership transfer → drain · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Abracadabra Money (1st incident — abra-rekt)** (causal) · 2024-01-30 · $7M · ERC-4626 rounding error — borrow share price inflation via repeated borrow/repay → phantom debt drain · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **Onyx Protocol** (causal) · 2023-10-31 · $2M · Compound V2 empty-market donation attack — governance-added PEPE market exploited via rounding + exchange rate inflation · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Deus DAO / DEI stablecoin** (causal) · 2023-05-06 · $7M · Mis-ordered Parameters in burnFrom — Public Approval Override · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol] || Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **Level Finance** (causal) · 2023-05-01 · $1M · Logic bug — referral reward claimMultiple() epoch not checked for reuse · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Hundred Finance** (causal) · 2023-04-15 · $7M · ERC-4626-style cToken exchange rate manipulation + rounding error · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Platypus Finance** (causal) · 2023-02-16 · $9M · Flash loan + emergencyWithdraw() solvency check bypass — collateral withdrawal without repaying borrowed USP · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol] || Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **Midas Capital** (causal) · 2023-01-15 · $660K · Read-only reentrancy on Curve LP token virtual price — inflated collateral valuation · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **DAO Maker** (causal) · 2021-09-04 · $4M · Reinitializable init() function + emergencyExit() drain on token vesting contracts · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Merlin Labs (REKT 2)** (causal) · 2021-05-27 · $550K · Oracle Mispricing · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol] || Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **Uranium Finance** (causal) · 2021-04-28 · $57M · Math bug — constant product formula check broken by inconsistent parameter change (1000→10000) · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- **Yearn Finance (yDAI v1 vault)** (causal) · 2021-02-04 · $11M · Flash loan + Curve 3pool spot price manipulation → vault share price arbitrage → DAI drain during migration · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]
- **Value DeFi** (causal) · 2020-11-14 · $7M · Flash loan + Curve spot price oracle manipulation → inflated collateral → over-borrow drain · Chronic flag (≥3 prior exploits) [via cross-hack: Factor 59: Three-or-More Exploit History]

rubric_version: v1.7.0 · factor: RD-F-078 · category: 5 · carried: 80 · critical: no