Known-threat-actor cluster has touched protocol

Dolomite's assessment for RD-F-158 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

T-09 phase-2 advisory signal, Tier C. The March 2024 exploit attacker wallet (0x5eAA7DaDa44d59549A6c58008b2bd3C7F81d2502) interacted with a Dolomite-branded legacy contract and is exploiter-labeled. No DPRK/Lazarus attribution for this specific event found in public sources (TRM Labs, Chainalysis, Elliptic). Attacker use of TC ≠ team contamination (U4 rule). For current v2 contracts: no known-threat-actor interaction detected in public sources. Dolomite has contracted Chainalysis CIR for incident response monitoring. Yellow: historical exploiter-label against Dolomite brand exists in threat-actor databases; live detection requires Chainalysis/TRM licensed feed not yet deployed.

Sources #

URL
Chainalysis Crypto Incident Response — Dolomitedocs.dolomite.io: Chainalysis CIR contracted for incident response and wallet trackingretrieved 2026-05-16

Methodology #

Detect whether an address from the curator-maintained threat-actor cluster (past exploiters, labeled attacker families) interacted with this protocol in the last 30 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dolomite factor RD-F-158 score yellow collected_at 2026-05-16 11:12:56