Avg attacker reconnaissance time for peer-class protocols

Veda (BoringVault)'s assessment for RD-F-163 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No Veda-specific exploit incidents exist to compute a protocol-specific reconnaissance time. For yield-vault peer class: USPD baseline is 78 days; Drift Protocol (Apr 2026, $285M, DPRK) involved ~6 months of social engineering prior to exploit. Veda's per-vault-multisig and merkle-verification architecture creates a complex attack surface requiring extended reconnaissance. Curator estimate: 45–90 day reconnaissance window for a sophisticated actor targeting Veda's highest-TVL vault operator. This is a backward-looking analytical factor, not a real-time trigger.

Sources #

URL
DPRK vault-class exploit reconnaissance patternsDrift Protocol $285M DPRK exploit (Apr 2026): ~6 months social engineering reconnaissance before strike — representative of vault-class reconnaissance durationretrieved 2026-05-17

Methodology #

Report the average number of days of attacker reconnaissance activity before a strike on peer-class protocols (lending/DEX/bridge/perps), sourced from the hack database.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol veda factor RD-F-163 score gray collected_at 2026-05-17 12:41:22