defirisk.co
rubric v1.7.0

New contract with similar bytecode to exploit template

Save (formerly Solend)'s assessment for RD-F-094 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

New BPF/SBF program deployment with bytecode similarity to Solend's lending program. Applicable to Solana: BPF program deployments are on-chain and detectable. T-09 phase-2 signal (deferred). No public reports of a Solend-clone attack-template BPF program deployed in trailing 90 days. The Aug 2021 exploit used Solend's own `UpdateReserveConfig` instruction — a similar-bytecode clone of Solend could be used to test attacks against its account structure. Pipeline to scan new BPF program deployments for bytecode similarity has not been built.

Sources #

  • URL
    T-09 Real-Time Signals Specification — v2/deferred table F104T-09 v3.3 deferred signals — F104 new-contract-similar-bytecode deferred; 'PH; overlaps with F171 (code-similarity)'retrieved 2026-05-17
  • URL
    Solend Main Lending Program on SolscanSolend main lending program on Solscan — bytecode reference for similarity baselineretrieved 2026-05-17

Methodology #

Detect whether a freshly deployed contract has high bytecode similarity to a known exploit template targeting this protocol class.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-094 score gray collected_at 2026-05-17 15:20:15