defirisk.co
rubric v1.7.0

Known-exploit function-selector replay

Cap (cUSD / stcUSD)'s assessment for RD-F-095 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

T-09 v2-deferred signal. No live selector-pattern monitor. Cap uses UUPS proxies with upgradeToAndCall and initialize selectors — known exploit-replay surface. No specific known-exploit-template replay pattern detected via OSINT.

Sources #

  • Internal
    T-09 — F96 (exploit-template selector replay) deferred rationaleresearch/outputs/09-realtime-signals.md §3.3 v2/deferred table (F96 entry)retrieved 2026-05-17

Methodology #

Detect whether a call-pattern matches a known-exploit replay template (specific selector sequence and calldata shape) against this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol cap factor RD-F-095 score gray collected_at 2026-05-17 10:56:24