Sybil surge of identical-pattern transactions

Hyperliquid's assessment for RD-F-097 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

The JELLY incident (March 26, 2025) involved coordinated actions on Bybit CEX external to Hyperliquid smart contracts, not a sybil surge of identical-pattern transactions on Bridge2 or HyperCore EVM contracts. No sybil surge pattern documented for Bridge2 or L1 interactions. Signal does not fire.

Sources #

URL
https://www.halborn.com/blog/post/explained-the-hyperliquid-hack-march-2025retrieved 2026-04-28

Methodology #

Detect multiple new EOAs submitting identical transaction patterns within a short window (sybil setup pattern).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-097 score gray collected_at 2026-04-28 13:58:49