Ignored bounty disclosure

Jupiter's assessment for RD-F-008 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No evidence of a disclosed vulnerability being reported and ignored pre-exploit. Both known incidents (X account hack Feb 2025, airdrop claim exploit Jan 2024) are operational/frontend events, not smart contract exploits. Data cache confirms no rekt.news incidents. Bug bounty program only ~1 month old — insufficient history for an 'ignored disclosure' pattern.

Sources #

URL
Rekt.news (no Jupiter entry)Rekt.news — no Jupiter entries in the hack database per data cacheretrieved 2026-04-29
URL
Jupiter Bug Bounty — OOOsecooosec.com/programs/jupiter — 10 resolved reports, no ignored disclosure evidenceretrieved 2026-04-29

Methodology #

Determine whether any prior post-mortem documents a disclosed vulnerability that was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol jupiter factor RD-F-008 score green collected_at 2026-04-29 11:51:25