★ Deployer linked within 3 hops to DPRK/Lazarus
Euler V2's assessment for RD-F-125 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
No confirmed DPRK/Lazarus proximity within 3 hops for the Euler Labs deployer or any named team member wallet. Team directors are UK/Canadian/American/Polish nationals registered with UK Companies House. The V1 exploit hacker (an external attacker) sent 100 ETH to a Ronin-linked Lazarus address in March 2023; this is adversarial external action, not a team-wallet interaction. The V1 hacker subsequently returned all ~$197M, strongly inconsistent with DPRK state-sponsored actors. Chainalysis did not confirm DPRK attribution to the V1 exploit. OFAC SDN: no Euler Labs team wallet identified on SDN list.
Sources #
- URLChainalysis — Euler Finance Flash Loan Attack AnalysisChainalysis Euler Finance flash loan attack blog — no confirmed DPRK attribution to V1 exploitretrieved 2026-05-04
- Bitcoinist — Lazarus-Euler connection analysis (external attacker, not team)CoinLive/Bitcoinist articles on Euler-Lazarus connection — confirm external attacker (not team) and contested attribution (funds returned = anti-DPRK)retrieved 2026-05-04
- Companies House — Euler Labs Ltd (director nationalities)Companies House Euler Labs Ltd directors — British/Canadian/American/Polish nationals; no OFAC-linked individualsretrieved 2026-05-04
Methodology #
Determine whether the deployer address has an on-chain path of ≤3 hops to a Chainalysis/OFAC DPRK-labeled cluster address.
See the full factor methodology and distribution across all protocols →