defirisk.co
rubric v1.7.0

Flash loan >$10M targeting protocol tokens

Spiko's assessment for RD-F-100 — scored not_applicable on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Spiko has no lending market, no governance token with flash-loan-feasible voting weight, and no permissionless pools. Flash-loan attacks require an oracle or governance surface exploitable via borrowed capital. Spiko's NAV is pushed by permissioned oracle-operator addresses; governance is corporate (no token voting). WHITELISTED group gating blocks flash-loan subscription arb. No flash-loan attack surface exists by protocol architecture.

Sources #

  • Docs
    Spiko Smart Contracts — permission architectureSpiko Permission Manager: MINTER/BURNER roles are permissioned; WHITELISTED group enforces transfer gating. No governance token. No lending market.retrieved 2026-05-16
  • Internal
    Spiko data cache — no lending, no governance00-data-cache.json sources.defillama borrow.present: false; governance.governor_address: nullretrieved 2026-05-16

Methodology #

Detect whether a flash loan >$10M denominated in protocol tokens or LP tokens has originated, likely to interact with this protocol.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol spiko factor RD-F-100 score not_applicable collected_at 2026-05-15 22:52:13