defirisk.co
rubric v1.7.0

New ERC-20 approval to unverified contract from whale

Balancer (v2 + v3)'s assessment for RD-F-096 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary

New ERC-20 approval to unverified contract from whale

Applicable: Partial — user-level approvals to router/Permit2

No new approvals from top-TVL Balancer LPs to unverified contracts were detected in the assessment window. The September 2023 DNS/BGP exploit was exactly this vector: users approved the Angel Drainer malicious contract when visiting the hijacked app.balancer.fi. No current instance of a large LP granting approval to an unverified contract was detected. Permit2 (0x000...22D473) is a whitelisted v3 integrator.

Threshold: Top-TVL depositor grants new token approval to unverified contract interacting with Balancer

Would fire: No

Sources

  • URL
    https://cointelegraph.com/news/balancer-social-engineering-attack-dns-provider-frontend-hijack
    retrieved 2026-05-05

Methodology

Detect whether a top-TVL depositor grants a new token approval to an unverified contract that interacts with this protocol.


rubric_version: v1.7.0
protocol: balancer
factor: RD-F-096
score: gray
collected_at: 2026-05-05 12:41:36