Real-capital social-engineering persona

Sanctum's assessment for RD-F-184 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No curator-flagged social-engineering persona identified for Sanctum. The Drift Protocol April 2026 exploit (UNC4736/DPRK) used real capital to build Solana-ecosystem credibility but targeted Drift, not Sanctum — no Sanctum connection found. Data-cache hacks: []. Profile §11 raises no social-engineering flag for Sanctum. F184 is curator-flagged M-only P1; no active curator flag has been set. Cannot affirmatively rule out via OSINT alone but no signal present. Gray per leave-no-trace pattern guidance.

Sources #

Curator note
No social-engineering persona flagged; data-cache hacks: []; profile §11 no DPRK signalF184 leave-no-trace: no curator flag set for Sanctumretrieved 2026-05-04
URL
$285M Drift hack — UNC4736 targeted Drift, not SanctumThe Hacker News — Drift Protocol DPRK exploit confirmed separateretrieved 2026-05-04

Methodology #

Determine whether a curator-flagged "team contributor" or "external integrator" persona has ≥$1M of attributed real-capital deposits to the target protocol or peer protocols, potentially used to build credibility ahead of a social-engineering attack.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sanctum factor RD-F-184 score gray collected_at 2026-05-04 18:49:23