★ Deployer linked within 3 hops to DPRK/Lazarus

stHYPE (Valantis Labs)'s assessment for RD-F-125 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Deployer 1-hop neighbor is Hyperliquid System Address (0x2222...2222), a Hyperliquid protocol-level infrastructure contract — no OFAC SDN list hit, no Chainalysis/public Lazarus cluster label. Web search for 'Thunderhead stHYPE DPRK Lazarus North Korea' returned zero relevant results. Web search for 'Valantis Labs Deven Matthews Eduardo Carvalho DPRK rug hack' returned zero relevant results. The Bybit Feb 2025 and Kelp DAO Apr 2026 Lazarus incidents used Hyperliquid ecosystem as a settlement venue — per U4 rule, these are NOT team identity contamination events. Safe signers 2–6 not individually traced (HyperEVM Safe API gap), but no affirmative DPRK evidence exists to elevate to yellow or red.

Sources #

URL
stakedhype: Deployer | HyperEVMScanDeployer funding trace — Hyperliquid System Address (0x2222...2222) confirmed as 1-hop; no OFAC/Lazarus labels on explorerretrieved 2026-05-17
URL
Lazarus And The Kelp Hack — yellow.com researchLazarus Group Kelp DAO incident (Apr 2026) — uses Hyperliquid as settlement venue; unrelated to stHYPE team identity per U4 ruleretrieved 2026-05-17

Methodology #

Determine whether the deployer address has an on-chain path of ≤3 hops to a Chainalysis/OFAC DPRK-labeled cluster address.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol staked-hype factor RD-F-125 score green collected_at 2026-05-17 13:02:38