Protocol-impersonator domain registered (typosquat)

Cap (cUSD / stcUSD)'s assessment for RD-F-161 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

F161 typosquat/protocol-impersonator domain assessment for cap.app. 'cap' is a 3-letter, extremely common English word with very high potential for confusable domains (cap-app.io, capdapp.com, getcap.app, capprotocol.com, etc. would all be trivially registerable). The 90-day window requires domain-registration-date-to-2026-05-17 delta — this delta cannot be computed without a WHOIS API or domain-monitoring feed (persistent gap per process learnings). OSINT web searches for 'cap.app typosquat phishing impersonation' returned only general phishing guidance articles; no Cap-specific typosquat incident was found in public reporting. Absence of public incident ≠ clean posture for a protocol of this TVL ($342M) and short brand name. Risk rating elevated to yellow because: (a) short, common-word domain creates trivially high confusable-domain surface; (b) WHOIS monitoring feed absent; (c) no domain monitoring allowlist established per T-09 RD-F-105 prerequisites. Registration-date-to-assessme

Sources #

URL
Typosquatting reference (no Cap-specific incidents found in search)Web search 2026-05-17: 'cap.app typosquat phishing impersonation domain DeFi 2025 2026' — no Cap-specific resultsretrieved 2026-05-17
Docs
Cap App — official domaincap.app — official domain (confirmed live)retrieved 2026-05-17

Methodology #

Determine whether a typosquat of the official protocol domain has been registered in the last 90 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol cap factor RD-F-161 score yellow collected_at 2026-05-17 10:56:24