★ Deployer linked within 3 hops to DPRK/Lazarus

GMX v2 (GMX Synthetics)'s assessment for RD-F-125 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No DPRK or Lazarus Group linkage found for any GMX team member, deployer wallet, or admin signer. Web search 'GMX team DPRK Lazarus North Korea' returned only generic Lazarus Group background articles — zero GMX-specific results. July 2025 GMX v1 hack: Halborn, Sherlock, SlowMist, CertIK analyses all describe an unattributed (likely white-hat) attacker who returned 89% of funds; no North Korean attribution across any source. ZachXBT noted Circle did not freeze USDC tied to this exploit but did not attribute to DPRK. OFAC SDN: no GMX team or signer entry. External attackers using GMX as a drain venue do NOT contaminate F125 per scoring instructions. ESCALATION NOT REQUIRED.

Sources #

URL
https://sanctionssearch.ofac.treas.gov/retrieved 2026-05-05
URL
https://en.wikipedia.org/wiki/Lazarus_Groupretrieved 2026-05-05
URL
https://sherlock.xyz/post/gmx-exchange-hack-explainedretrieved 2026-05-05
URL
https://www.halborn.com/blog/post/explained-the-gmx-hack-july-2025retrieved 2026-05-05

Methodology #

Determine whether the deployer address has an on-chain path of ≤3 hops to a Chainalysis/OFAC DPRK-labeled cluster address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol gmx-v2 factor RD-F-125 score green collected_at 2026-05-05 11:15:06