DNS/CDN/frontend hash drift
QuickSwap's assessment for RD-F-105 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Confirmed prior exploit class: May 14, 2022, GoDaddy DNS hijack — attacker social-engineered GoDaddy support to modify DNS, ran phishing frontend ~5h, $107,600.68 user loss. QuickSwap migrated DNS to Cloudflare registrar/DNS post-attack (per blog post-mortem). Current SSL issued by Google Trust Services (valid per May 2026 WHOIS data). No publicly confirmed JS-bundle hash-baseline monitoring in place. Hexagate governance vote passed September 2023 (community voted in favour); renewal proposal October/November 2024 — phishing/frontend monitoring was listed as a Hexagate capability. If Hexagate is active, this signal may be partially covered. Implementation status not definitively confirmed from public sources. Score: yellow — infrastructure improved, prior exploit class confirmed, hash-baseline monitoring posture uncertain.
Sources #
- URLQuickSwap GoDaddy Domain Hijack blog postQuickSwap GoDaddy domain hijack post-mortem: May 14 2022, $107,600.68 loss, DNS modification via social engineering, migrated to more secure DNS platform post-attackretrieved 2026-05-16
- QuickSwap GoDaddy hijack — Medium postMedium version: QuickSwap GoDaddy domain hijack details — $107,600.68 total loss; Gandi key management compromise was root cause; migrated DNS to new providerretrieved 2026-05-16
- QuickSwap Hexagate renewal governance proposalHexagate renewal proposal October/November 2024 — $25K/yr USDC from DAO treasury; covers phishing, frontend compromise monitoringretrieved 2026-05-16
- QuickSwap Hexagate governance discussion blogHexagate governance implementation vote: community voted in favour September 2023; QuickSwap listed as Algebra DEX in Hexagate coverageretrieved 2026-05-16
Methodology #
Detect whether the hash of production frontend JS changes versus the prior published hash, or a DNS config change is detected.
See the full factor methodology and distribution across all protocols →