Mixer withdrawal → protocol interaction
Yearn Finance's assessment for RD-F-090 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
Signal applicable: Yearn is an EVM protocol with documented history of attacker wallets funded via Tornado Cash (exploits 1-3) and Railgun (exploit 3). Current posture: no confirmed mixer-funded wallet currently interacting with Yearn protocol core contracts within last 30 days identified via public sources. Requires licensed Chainalysis/TRM feed for definitive 30-day window assessment. Historical mixer-funded attackers (post-exploit launder) do not constitute current inbound pre-strike signal. Phase-2 signal not live in production pipeline.
Sources #
- Curator noteT-09 phase-2 gating note for RD-F-090T-09 §3.2: RD-F-090 is phase-2 signal; requires licensed wallet-clustering feed (Chainalysis, TRM) not yet wired into production pipeline. Attribution-feed-dependent.retrieved 2026-05-16
- Yearn hacksdatabase — attacker mixer funding patternhacksdatabase/hacks/yearn-rekt1.md — Tornado Cash funding confirmed (4 preparatory txs listed); hacksdatabase/hacks/yearn2-rekt.md — attacker funded via Tornado Cash; hacksdatabase/hacks/yearn-rekt3.md — attacker seeded via Railgun 30min before attack.retrieved 2026-05-16
Methodology #
Detect whether a wallet that recently withdrew from Tornado Cash, Railgun, or similar mixer has interacted with this protocol.
See the full factor methodology and distribution across all protocols →