{ "schemaVersion": "1.0", "disclaimer": "Self-audit companion file. NOT a third-party formal audit of the listed protocols; these are public incident summaries with ASPE Labs applicability notes.", "source": "OPS-014 — External Hack Registry & Lessons Learned (append-only, cadence: monthly or on-hack-external)", "sourceDoc": "docs/ops/OPS-014_external-hack-registry.md", "reportVersion": "2.0", "lastUpdated": "2026-04-21", "count": 31, "note": "Each entry has: id, date, protocol, chain, attackVector, amountLostUsd, amountRecoveredUsd, timeWindow, rootCause, reference, auditors, attribution, aspeRelevance (our applicability), aspeGap (exposed gap, if any), aspeMitigation (what we do about it). Columns aspeRelevance/aspeGap/aspeMitigation are live — revised as our architecture evolves. Date + amounts + rootCause are historical facts and immutable.", "hacks": [ { "id": "HACK-0001", "date": "2023-03-13", "protocol": "Euler Finance", "chain": "Ethereum", "attackVector": "Donation attack + self-liquidation", "amountLostUsd": "197000000", "amountRecoveredUsd": "197000000", "timeWindow": "<5min", "rootCause": "donate() sin health check + dynamic liquidation penalty permite auto-liquidarse con 20% discount", "reference": "Cyfrin deep-dive", "auditors": "Halborn, Solidified, ZK Labs, Certora (6 audits)", "attribution": "crime-unattributed", "aspeRelevance": "High", "aspeGap": "Verificar totalAssets() no usa balanceOf(address(this)) naked → IMPL-012 T3.2 covered (virtual shares OZ 5.2.0 + accounting interno)", "aspeMitigation": "IMPL-012 S3a SA1-SA9 PASS; OZ decimalsOffset=6" }, { "id": "HACK-0025", "date": "2020+", "protocol": "ERC4626 inflation attack (pattern)", "chain": "Any", "attackVector": "Donation pre-first-deposit manipula ratio 1-wei/share", "amountLostUsd": "null", "amountRecoveredUsd": "null", "timeWindow": "unknown", "rootCause": "Primer depositante + donation gigante → subsequent deposits round to 0 shares", "reference": "OZ novel defense", "auditors": "Pattern-level", "attribution": "unknown", "aspeRelevance": "Critical", "aspeGap": "Primer deposit adversarial S1 test → IMPL-012 T2.1 S1 PASS", "aspeMitigation": "OZ 5.2.0 virtual shares offset=6; seed deposit operador pre-abierto al público (IMPL-028)" }, { "id": "HACK-0007", "date": "2024-09-03", "protocol": "Penpie (Pendle)", "chain": "Ethereum/Arbitrum", "attackVector": "Reentrancy via permissionless pool registration + callback en batchHarvestMarketRewards", "amountLostUsd": "27000000", "amountRecoveredUsd": "0", "timeWindow": "<5min", "rootCause": "Callback externo sin reentrancy guard en multi-step state machine", "reference": "Penpie post-mortem", "auditors": "AstraSec (scope parcial)", "attribution": "crime-unattributed", "aspeRelevance": "High", "aspeGap": "Async redemption requestRedeem → Claimable → Claimed tiene multi-step; cada step necesita CEI + nonReentrant", "aspeMitigation": "IMPL-012 T2.1 S3+S7 PASS (nonReentrant + SafeERC20, no callback vector con USDC)" }, { "id": "HACK-0006", "date": "2025-11-03", "protocol": "Balancer V2 Composable Stable Pools", "chain": "Multi-chain", "attackVector": "Rounding asymmetry en _upscaleArray", "amountLostUsd": "128000000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "Upscale round-down vs downscale round-up → precision loss ~10% cuando balance en rango 8-9 wei", "reference": "ToB analysis, Certora", "auditors": "ToB, Certora (multiple historical)", "attribution": "crime-unattributed", "aspeRelevance": "High", "aspeGap": "Fee model Yearn V3 + convertToShares/convertToAssets: verificar rounding direction consistente (user round-down, vault round-up per ERC4626 spec)", "aspeMitigation": "IMPL-012 T3.2 SA1-SA9 + S1 boundary tests; re-verificar en SEC-004 S4 con matriz direccional explícita" }, { "id": "HACK-0026", "date": "2025-09", "protocol": "Bunni (Uniswap v4 hook)", "chain": "Ethereum", "attackVector": "Withdrawal rounding error → protocol shutdown", "amountLostUsd": "8400000", "amountRecoveredUsd": "0", "timeWindow": "~6h", "rootCause": "Rounding en withdraw permite extracción incremental", "reference": "Various 2025 postmortems", "auditors": "Si (pre-hack)", "attribution": "crime-unattributed", "aspeRelevance": "High", "aspeGap": "Withdrawal via claim pro-rata + full emergency claim; boundary tests (0, 1, max-1) obligatorios", "aspeMitigation": "IMPL-012 S2 fuzz testFuzz_emergency_proRata 1000+ runs; ampliar con convertToAssets(convertToShares(x)) <= x invariante en SEC-004" }, { "id": "HACK-0003", "date": "2023-07-30", "protocol": "Curve (Vyper pools)", "chain": "Ethereum", "attackVector": "Reentrancy via Vyper compiler bug en @nonreentrant lock", "amountLostUsd": "70000000", "amountRecoveredUsd": "52000000", "timeWindow": "~1h", "rootCause": "Vyper 0.2.15-0.3.0 mal-compilaba locks → reentrancy en add/remove_liquidity", "reference": "Vyper post-mortem, LlamaRisk", "auditors": "Si (pre-awareness)", "attribution": "whitehat", "aspeRelevance": "Medium", "aspeGap": "Compiler/toolchain trust es threat. Solidity 0.8.28 puede tener bugs latentes.", "aspeMitigation": "Pin solc=0.8.28 en foundry.toml; SEC-004 §8 Threat Model incluye toolchain; residual risk doc + revisión Solidity release notes cada upgrade" }, { "id": "HACK-0004", "date": "2022-10-11", "protocol": "Mango Markets", "chain": "Solana", "attackVector": "Oracle manipulation (low-liquidity spot pump 2394%)", "amountLostUsd": "117000000", "amountRecoveredUsd": "67000000", "timeWindow": "<5min", "rootCause": "MNGO price manipulado en DEX thin-liquidity → collateral artificial", "reference": "Chainalysis", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Medium", "aspeGap": "Vault V1 no tiene oracle; bridge accounting via realized P&L epoch-based. Phase 2 con oracles: multi-source + deviation circuit breakers.", "aspeMitigation": "Diseño actual evita oracle dependency; RISK-001 documenta; SEC-004 §8 actor × asset confirma" }, { "id": "HACK-0005", "date": "2023-11-23", "protocol": "KyberSwap Elastic", "chain": "Ethereum", "attackVector": "Tick boundary rounding (swap amount = amountToCrossTick - 1)", "amountLostUsd": "47000000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "Boundary off-by-one en sqrtP → liquidity base doubled", "reference": "KyberSwap post-mortem", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Medium", "aspeGap": "Boundary arithmetic bugs son categoría entera. Tests explícitos (0, 1, max, max-1) en convertToShares/convertToAssets", "aspeMitigation": "IMPL-012 S1-S18 tests; ampliar SEC-004 S4 con boundary-specific matrix" }, { "id": "HACK-0002", "date": "2021-08-30", "protocol": "Cream Finance", "chain": "Ethereum", "attackVector": "Reentrancy via ERC-777 AMP token tokensReceived() hook", "amountLostUsd": "25000000", "amountRecoveredUsd": "0", "timeWindow": "<5min", "rootCause": "Callback token no-standard en borrow() sin guard", "reference": "Cream post-mortem", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Low", "aspeGap": "USDC (ERC-20 standard) único asset Phase 0. Phase 2 multi-asset: whitelist explícita + reentrancy audit por token custom", "aspeMitigation": "none (single-asset USDC)" }, { "id": "HACK-0008", "date": "2020-10-26", "protocol": "Harvest Finance", "chain": "Ethereum", "attackVector": "Flash-loan oracle manipulation (Curve Y pool)", "amountLostUsd": "33800000", "amountRecoveredUsd": "2500000", "timeWindow": "<5min", "rootCause": "Vault usaba Curve pool price como oracle", "reference": "Harvest post-mortem", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Low", "aspeGap": "Validación de design: vault usa accounting interno (principal + realized profit), NO mark-to-market spot", "aspeMitigation": "none" }, { "id": "HACK-0011", "date": "2024-10-16", "protocol": "Radiant Capital", "chain": "Arbitrum", "attackVector": "DPRK social eng + INLETDRIFT macOS malware + blind signing en Ledger", "amountLostUsd": "50000000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "3-of-11 multisig, Gnosis Safe frontend modificado post-compromise, Ledger no parsea calldata Safe", "reference": "Radiant post-mortem", "auditors": "OZ, BlockSec, Peckshield", "attribution": "DPRK-Lazarus", "aspeRelevance": "**Critical**", "aspeGap": "GUARDIAN = hot EOA (P0 residual risk per SEC-004 §13; migration a HW wallet diferida hasta pre-prod gate, ver IMPL-040 stage 0a); blind signing en cualquier hardware wallet usado para admin ops", "aspeMitigation": "SEC-004 §13 Residual Risk P0 (hardware wallet + device-que-parsea-calldata mandatory pre-producción); SEC-003 §3 cubre threat" }, { "id": "HACK-0029", "date": "2024", "protocol": "Drift Protocol", "chain": "Solana", "attackVector": "DPRK 6-month social eng + Cursor/VSCode trojanized + durable nonces pre-firmadas", "amountLostUsd": "285000000", "amountRecoveredUsd": "null", "timeWindow": "unknown", "rootCause": "Long-con pretexting (entrevistas falsas, offers) + malicious IDE extension exploit autoRun", "reference": "The Block", "auditors": "Si", "attribution": "DPRK-Lazarus", "aspeRelevance": "**Critical**", "aspeGap": "Sole-operator reduce superficie pero no elimina DPRK. Zero-trust para contratistas + verificación out-of-band", "aspeMitigation": "RESEARCH-033 approved; SEC-003 §2 OpSec threats; OPS-010 §15 IDE hygiene" }, { "id": "HACK-0030", "date": "2026-03-22", "protocol": "Resolv Labs", "chain": "Ethereum", "attackVector": "Contractor CI/CD compromise → GitHub PAT con deploy pipeline access", "amountLostUsd": "25000000", "amountRecoveredUsd": "0", "timeWindow": "unknown", "rootCause": "PAT classic con scope amplio → modifica pipeline → firma tx via KMS impersonation", "reference": "Various 2026 postmortems referenced en RESEARCH-033", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "**Critical**", "aspeGap": "CI/CD hardening: GitHub PAT classic, branch protection, CODEOWNERS", "aspeMitigation": "IMPL-040 S3 planeado (branch protection + fine-grained PATs + signed commits); residual risk hasta S3 done" }, { "id": "HACK-0010", "date": "2022-03-23", "protocol": "Ronin Bridge", "chain": "Ethereum/Ronin", "attackVector": "Validator key compromise via spear-phishing (DPRK)", "amountLostUsd": "540000000", "amountRecoveredUsd": "162000000", "timeWindow": "~6d", "rootCause": "5-of-9 validators: 4 Sky Mavis + 1 Axie DAO dio rights permanentes; spear-phishing comprometió Sky Mavis", "reference": "Ronin post-mortem, Elliptic", "auditors": "Si", "attribution": "DPRK-Lazarus", "aspeRelevance": "High", "aspeGap": "3-tier timelock reduce blast radius pero Protective Tier es instant. Vault owner = 1 EOA Phase 0.", "aspeMitigation": "IMPL-040 S1 (HW wallet DIFERIDO a pre-prod); SEC-004 §13 P0 residual risk" }, { "id": "HACK-0012", "date": "2023-12-31", "protocol": "Orbit Bridge", "chain": "Ethereum/Klaytn", "attackVector": "Multisig compromise (7-of-10) + firewall disabled por ex-empleado", "amountLostUsd": "81500000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "Ex-CISO cambió firewall policies 2d antes de retirement voluntario", "reference": "Halborn explainer, Rekt", "auditors": "Si", "attribution": "unknown", "aspeRelevance": "Medium", "aspeGap": "Sole-operator reduce structurally. Phase 2 multi-admin: offboarding checklist obligatorio con revocation audit", "aspeMitigation": "Diseño actual sole-operator; Phase 2+ LEGAL-004 con procedure" }, { "id": "HACK-0013", "date": "2022-08-09", "protocol": "Nomad Bridge", "chain": "Ethereum", "attackVector": "Upgrade inicializó trusted roots = 0x00 → cualquier mensaje valid", "amountLostUsd": "190000000", "amountRecoveredUsd": "38000000", "timeWindow": "~6h", "rootCause": "Zero-hash matchea untrusted root en verificación; initializer bug post-upgrade (copycats entraron en 4h)", "reference": "Immunefi hack analysis", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "**High**", "aspeGap": "UUPS + initializer exactly esta área", "aspeMitigation": "IMPL-010 _disableInitializers() en constructor; SEC-004 §9 attack surface \"upgrade\" documenta; ampliar invariante \"critical storage slots non-zero\" en S4" }, { "id": "HACK-0022", "date": "2024-08-06", "protocol": "Ronin (2nd)", "chain": "Ronin", "attackVector": "Upgrade initialization bug (dos initializers v3/v4, solo v4 called)", "amountLostUsd": "12000000", "amountRecoveredUsd": "12000000", "timeWindow": "unknown", "rootCause": "_totalOperatorWeight=0 no seteado → cualquier signature valid", "reference": "Halborn", "auditors": "Si", "attribution": "whitehat", "aspeRelevance": "**High**", "aspeGap": "Múltiples initializers en upgrade path", "aspeMitigation": "SEC-004 §8 Threat Model debe incluir \"post-upgrade state integrity\"; invariante runtime de critical storage != 0" }, { "id": "HACK-0014", "date": "2021-08-10", "protocol": "Poly Network", "chain": "Multi-chain", "attackVector": "Cross-contract access control misconfig", "amountLostUsd": "611000000", "amountRecoveredUsd": "611000000", "timeWindow": "<5min", "rootCause": "EthCrossChainManager podía llamar método privilegiado via crafted calldata", "reference": "Kudelski, SlowMist", "auditors": "Si", "attribution": "whitehat", "aspeRelevance": "Medium", "aspeGap": "Bridge HyperCore via precompile 0x802 (write-only); no privileged cross-contract calls desde vault", "aspeMitigation": "Diseño actual evita superficie; cada función con onlyRole tests exhaustivos (IMPL-012 T3.1)" }, { "id": "HACK-0016", "date": "2021-12-01", "protocol": "BadgerDAO", "chain": "Ethereum", "attackVector": "Cloudflare API compromise → JS injection → unlimited approval redirect", "amountLostUsd": "120000000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "JS malicioso en frontend modificó approval recipient", "reference": "Halborn", "auditors": "Si (contratos)", "attribution": "crime-unattributed", "aspeRelevance": "**High**", "aspeGap": "Landing aspelabs.xyz en 1984 Hosting: DNS/hosting auth = attack surface directa", "aspeMitigation": "SEC-004 §10.7 DNS + RESEARCH-017 checklist; CSP headers + SRI en cualquier script externo; residual: CAA + DNSSEC verification (S5 T5.2 10.7)" }, { "id": "HACK-0017", "date": "2022-08-10", "protocol": "Curve Finance", "chain": "Ethereum", "attackVector": "DNS hijack via iwantmyname nameserver", "amountLostUsd": "570000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "Registrar comprometido a nivel de nameserver", "reference": "Curve substack", "auditors": "No", "attribution": "crime-unattributed", "aspeRelevance": "**High**", "aspeGap": "Mismo vector que Badger. 1984 Hosting: registry lock + DNSSEC + CAA", "aspeMitigation": "IMPL-024 anonymous infra done; SEC-004 S5 §10.7 verifica estado actual" }, { "id": "HACK-0015", "date": "2022-09-20", "protocol": "Wintermute", "chain": "Ethereum", "attackVector": "Profanity vanity address brute-force (CPRNG 32-bit seed)", "amountLostUsd": "162000000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "Tool seedeaba con 32-bit → 1000 GPU × 50d crackea 7-char vanity", "reference": "Halborn, Amber Group", "auditors": "N/A (tool vuln)", "attribution": "crime-unattributed", "aspeRelevance": "Low", "aspeGap": "Admin addresses de ASPE generadas con hardware wallet (256-bit entropy standard)", "aspeMitigation": "IMPL-023 wallet generation done; no vanity addresses" }, { "id": "HACK-0018", "date": "2023-07", "protocol": "Multichain", "chain": "Multi-chain", "attackVector": "MPC keys \"perdidos\" / likely inside control", "amountLostUsd": "126000000", "amountRecoveredUsd": "0", "timeWindow": "~1d", "rootCause": "CEO arrested; withdrawals continuaron post-arrest", "reference": "Chainalysis", "auditors": "Si", "attribution": "insider", "aspeRelevance": "Low", "aspeGap": "Sole-operator structural mitigation. Phase 2-3 multi-operator: m-of-n MPC + monitoring per-share", "aspeMitigation": "LEGAL-004 roadmap documenta; no blocker Fase 0" }, { "id": "HACK-0019", "date": "2023-12-14", "protocol": "Ledger Connect Kit", "chain": "NPM supply chain", "attackVector": "Ex-empleado phished → NPM session token stolen → versions 1.1.5-1.1.7 con Angel Drainer", "amountLostUsd": "600000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "NPM session token sin 2FA hardware", "reference": "Ledger incident report", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "**High**", "aspeGap": "Frontend vault Phase 2+: pin versions (lockfile), SRI, CSP, no latest tags; bot: requirements.lock + hash verification", "aspeMitigation": "S0c done (requirements.lock con sha256 hashes); SEC-004 §10.6 cubrirá frontend pipeline post-Phase 2" }, { "id": "HACK-0028", "date": "2021-11", "protocol": "bZx developer laptop", "chain": "Ethereum", "attackVector": "Phishing email → Word macro → seed stolen desde dev machine", "amountLostUsd": "55000000", "amountRecoveredUsd": "0", "timeWindow": "unknown", "rootCause": "Personal computer con seed en disco comprometido", "reference": "Halborn", "auditors": "-", "attribution": "crime-unattributed", "aspeRelevance": "**High**", "aspeGap": "Dev machine = admin machine es attack surface directa", "aspeMitigation": "SEC-003 draft §2 (admin machine hygiene); OPS-010 §15 IDE hygiene; HW wallet + no .env con keys (ya enforced)" }, { "id": "HACK-0027", "date": "2023-01-23", "protocol": "LastPass → Solana drainers", "chain": "-", "attackVector": "2022 LastPass breach exfiltró vaults con seed phrases → multi-protocolo drainer 6 meses después", "amountLostUsd": "null", "amountRecoveredUsd": "0", "timeWindow": "~6mo", "rootCause": "Seeds almacenados en password manager; LastPass pentest cred storage comprometida", "reference": "Múltiples Chainalysis/SlowMist", "auditors": "N/A", "attribution": "crime-unattributed", "aspeRelevance": "**High**", "aspeGap": "No almacenar seed phrases en KeePassXC ni en ningún password manager", "aspeMitigation": "OPS-010 §13 documenta: \"Backup paper only para HW wallet seeds, nunca en KeePassXC\"" }, { "id": "HACK-0021", "date": "2022-02-02", "protocol": "Wormhole", "chain": "Solana↔Ethereum", "attackVector": "Signature verification bypass (sysvar account confusion)", "amountLostUsd": "326000000", "amountRecoveredUsd": "326000000", "timeWindow": "<5min", "rootCause": "load_instruction_at no verificaba sysvar real → fake account bypass", "reference": "Halborn, Kudelski", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Low", "aspeGap": "Vault no verifica signatures cross-chain (precompile oficial HL)", "aspeMitigation": "Trust en CoreWriter precompile documented en PROD-002" }, { "id": "HACK-0020", "date": "2020-11-26", "protocol": "Compound DAI", "chain": "Ethereum", "attackVector": "Coinbase oracle deviation $1 → $1.30 + Uniswap sanity falló", "amountLostUsd": "100000000", "amountRecoveredUsd": "0", "timeWindow": "~1h", "rootCause": "Single-source price feed sin multi-source fallback", "reference": "Decrypt", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Low", "aspeGap": "Vault V1 sin oracle on-chain. Phase 2 assets con oracle: multi-source (Chainlink + Pyth + TWAP) + staleness + deviation breakers", "aspeMitigation": "Diseño actual N/A" }, { "id": "HACK-0009", "date": "2022-04-17", "protocol": "Beanstalk Farms", "chain": "Ethereum", "attackVector": "Flash-loan governance attack", "amountLostUsd": "182000000", "amountRecoveredUsd": "0", "timeWindow": "<5min", "rootCause": "emergencyCommit() permitía execute en misma tx que vote", "reference": "Immunefi hack analysis", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "N/A", "aspeGap": "Phase 0: no DAO on-chain; no hay superficie. Phase 2+: snapshot-at-block + voting period > flash loan duration", "aspeMitigation": "STRAT-004 roadmap (Phase 2) documenta requisito" }, { "id": "HACK-0023", "date": "2023-04-09", "protocol": "Sushi RouteProcessor2", "chain": "Ethereum", "attackVector": "Approval bug: user approval al router → router llama arbitrary pool → malicious pool drena", "amountLostUsd": "3300000", "amountRecoveredUsd": "2600000", "timeWindow": "~1h", "rootCause": "call() con params controlled-by-user hacia contratos arbitrarios", "reference": "Sushi post-mortem", "auditors": "Si", "attribution": "crime-unattributed", "aspeRelevance": "Medium", "aspeGap": "Router actual (AspeLabsRouter) no hace external calls con addresses controlled-by-caller", "aspeMitigation": "IMPL-012 T3.9 RT1-RT4 PASS; forceApprove + revert deshace aprobación" }, { "id": "HACK-0024", "date": "2022-05-09", "protocol": "Terra UST/Luna", "chain": "Terra", "attackVector": "Algorithmic stablecoin death spiral", "amountLostUsd": "50000000000", "amountRecoveredUsd": "null", "timeWindow": "~1d", "rootCause": "Peg backed solo por LUNA mint + Anchor 19.5% yield insostenible → bank run", "reference": "MIT Sloan", "auditors": "N/A", "attribution": "unknown", "aspeRelevance": "N/A", "aspeGap": "Vault no es stablecoin; yield real (trading P&L, no subsidio)", "aspeMitigation": "STRAT-001 documenta yield source" }, { "id": "HACK-0031", "date": "2026-04-18", "protocol": "KelpDAO", "chain": "Ethereum", "attackVector": "OFT drain via LayerZero DVN 1/1 config: Lazarus sustituyo binarios de 2 nodos RPC + DDoS a nodos legitimos → verificador LayerZero Labs recibio mensajes manipulados", "amountLostUsd": "292000000", "amountRecoveredUsd": "null", "timeWindow": "<5min", "rootCause": "Configuracion DVN 1/1 (un solo validador obligatorio, sin optional DVNs) contra recomendacion publica LayerZero. Bug no fue en codigo LZ/Kelp sino en decision de config. OApps multi-DVN fueron inmunes (contagio = 0)", "reference": "RESEARCH-026, LayerZero attribution", "auditors": "Si (Kelp auditado; LayerZero code no fue el bug)", "attribution": "DPRK-Lazarus", "aspeRelevance": "Low", "aspeGap": "Vault Phase 0-1 usa precompile oficial HL-CoreWriter, no OFT ni bridges custom; Phase 2 cross-chain (PROD-001 §2.9) y potencial OFT de token ASPE requieren stance multi-DVN ≥3/N", "aspeMitigation": "RESEARCH-026 approved; stance: (a) vault core bridge-agnostic, (b) si OFT → CCIP primario + LZ 3/N fallback, (c) pattern D2 Finance \"OFT-compatible pero unwired\"" } ] }