TVL anomaly — % drop in <1h

Raydium's assessment for RD-F-098 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cat 6B exploit-in-progress signal [T-09 v1 launch]. TVL at $1.007B as of 2026-04-29 (DeFiLlama API). 30d trend: +1.47%. Threshold: TVL_now / TVL_baseline_30d < 0.70 over 60-minute window. Current ratio: ~1.014 (far above 0.70). No anomaly. DeFiLlama tracks Raydium-AMM and Raydium-CLMM sub-slugs; Solana TVL polling is technically feasible for signal wiring. Signal not yet wired for Raydium specifically. Lead-time evidence from Dec 2022 hack: PRISM detected anomalous pool behavior ~40 min before Raydium's official response — consistent with a TVL-level signal firing with meaningful lead time. Post-exploit, Raydium migrated to Squads multisig which requires 3/4 approval + 24hr timelock for admin functions — any future admin-key-driven drain would now be preceded by a detectable multisig event, adding lead time that the 2022 attack lacked.

Sources #

URL
DeFiLlama API — Raydium ProtocolDeFiLlama API: TVL $1,007,087,741, +1.47% 30d changeretrieved 2026-04-29
URL
Raydium Detailed Post-MortemHack DB: Dec 2022 attack — PRISM flagged 40 min before official Raydium response, no automated TVL monitoring in place at attack timeretrieved 2026-04-29

Methodology #

Detect whether TVL drops >X% within 1 hour versus the trailing 30-day baseline (X configurable per protocol TVL tier).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol raydium factor RD-F-098 score green collected_at 2026-04-29 12:31:55