Post-exploit response score

Venus Protocol's assessment for RD-F-081 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Curator scored most recent incident response (2026-03-15 THE exploit) on four dimensions: (1) Compensation completeness 1/5 — bad debt repayment proposal posted 2026-03-20 but vote/execution outcome unconfirmed; liquidated users not compensated. (2) Disclosure transparency 3/5 — post-mortem in 2 days, root cause stated, contracts named; Code4rena finding not acknowledged; no code diff linked. (3) Root-cause analysis depth 3/5 — attack flow technically described; systemic cross-deployment issue not addressed in post-mortem. (4) Operational recovery speed 4/5 — borrows paused ~3h post-attack; collateral factors zeroed on 6 markets; bad debt governance proposal within 5 days. Composite: ~2.75 = yellow (score 2-3 range).

Sources #

URL
Venus Protocol — Rekt IVRekt.news — Venus response timeline details including pause timingretrieved 2026-04-28
URL
Explained: The Venus Protocol Hack (March 2026) — HalbornHalborn post explaining Venus team response actions after March 2026 exploitretrieved 2026-04-28
Governance
BNB Chain THE Market Bad Debt Repayment ProposalVenus bad debt repayment proposal posted 2026-03-20retrieved 2026-04-28
Governance
THE Market Incident Post-MortemVenus THE market incident post-mortem published 2026-03-17 (2 days post-incident)retrieved 2026-04-28

Methodology #

Curator-score (1–5) the most recent incident response on: compensation completeness, transparency of disclosure, root-cause analysis depth, and operational recovery speed.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol venus factor RD-F-081 score yellow collected_at 2026-04-28 18:30:49