Prior known-ignored disclosure

Beefy Finance's assessment for RD-F-177 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No post-mortem or incident record documents a disclosed vulnerability that was reported to Beefy and then ignored or not actioned before an exploit. The five adjacent events in the incident register were not preceded by ignored bug reports. The 2021-04-22 BUNNY coding error was detected internally by the team, not by an external reporter who was ignored. The 2024 Sonne Finance event was rooted in Sonne's contracts, not Beefy's. Green — no evidence of prior known-ignored disclosure.

Sources #

URL
Beefy Finance Incident Report: CAKE+DRUGS 2020-11-032020-11-03 incident report — upstream PancakeSwap bug, not an ignored Beefy disclosureretrieved 2026-05-16
URL
Beefy Finance Incident Report: BUNNY rescue (2021-04)BUNNY rescue incident report — coding error detected internally, not via external bug report; no evidence of ignored disclosureretrieved 2026-05-16

Methodology #

Determine whether evidence exists in prior-incident post-mortems that a disclosed vulnerability was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol beefy factor RD-F-177 score green collected_at 2026-05-16 13:10:30