Leaked credential on paste/sentry site

Save (formerly Solend)'s assessment for RD-F-164 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Leaked credential on paste/sentry site matching protocol infra. Applicable: Solend operates off-chain infrastructure (Discord admin credentials, GitHub CI/CD tokens, off-chain keeper bot keys). No public paste-site or credential-dump entries referencing Solend/Save infrastructure found in available public sources as of 2026-05-17. Requires dedicated paste-site monitoring feed (Pastebin, GHDB, HaveIBeenPwned, Sentry-alt scans). Not implemented.

Sources #

URL
Save protocol — bug bounty page (security contact)Solend official security contact: security@solend.fi — off-chain infrastructure exists (Discord, GitHub Actions, keeper bots)retrieved 2026-05-17

Methodology #

Determine whether a public paste site, Sentry-alt, or credential-dump references protocol infrastructure endpoints or API keys.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol save factor RD-F-164 score gray collected_at 2026-05-17 15:20:15