Sybil surge of identical-pattern transactions

Sanctum's assessment for RD-F-097 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No sybil surge patterns targeting Sanctum programs identified in public sources. No Sanctum security team alerts about unusual transaction pattern bursts. Hacksdatabase grep + Rekt leaderboard + DefiLlama all confirm no exploit-class events from which sybil-surge signal templates would be derived. Signal does not fire today.

Sources #

URL
DefiLlama Sanctum EndpointDefiLlama protocol/sanctum — no incidents recordedretrieved 2026-05-04
Curator note
Curator note: This URL points to the curator's own (private/non-existent) RiskProduct repo and was an erroneous self-citation that should not have been recorded as a primary source for protocol assessment. Original URL preserved here as a reference flag. The factors RD-F-078, 079, 080, 087 (governance/admin lineage cluster) should rely on their other source citations; if this was the only source for a factor, that factor must be re-graded with proper third-party evidence (Rocket Pool DAO forum at dao.rocketpool.net, RPIPs repo at github.com/rocket-pool/RPIPs, or governance-admin-analyst re-invocation). [dead-link, original: https://github.com/0x_Abdul/RiskProduct]retrieved 2026-05-06
URL
Rekt LeaderboardRekt leaderboard — no Sanctum entries (data-cache.json sources.rekt.incidents: [])retrieved 2026-05-04

Methodology #

Detect multiple new EOAs submitting identical transaction patterns within a short window (sybil setup pattern).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sanctum factor RD-F-097 score green collected_at 2026-05-04 18:49:23