Same-root-cause repeat exploit
Raydium's assessment for RD-F-079 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Only 1 incident exists. Same-root-cause repeat requires ≥2 incidents in the same cluster. Does not fire. The two Immunefi whitehack findings (CLMM tick manipulation Jan 2024, CPMM liquidity drain May 2025) are pre-exploit discoveries in distinct programs and distinct vulnerability classes — not incidents, not root-cause repeats.
Sources #
- GitHubRaydium Hack Report (proprietary hacksdatabase)hacksdatabase/hacks/raydium-rekt.md — root cause: compromised admin key (single instance)retrieved 2026-04-29
- Raydium Liquidity Drain Bugfix Review — ImmunefiImmunefi liquidity drain bugfix review — different root cause class (rounding bug, CPMM)retrieved 2026-04-29
- Raydium Tick Manipulation Bugfix Review — ImmunefiImmunefi tick manipulation bugfix review — different root cause class (account validation bug, CLMM)retrieved 2026-04-29
Methodology #
Determine whether the protocol has been exploited ≥2 times via the same root-cause cluster.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol raydium factor RD-F-079 score green collected_at 2026-04-29 12:31:55