LIF is an open-source research framework for onchain governance and protocol safety. This repository contains a standardized dataset of blockchain security incidents and emergency interventions.

Version: 1.0
Last Updated: 2026-02-13

The website consumes JSON exports generated from the CSVs in data/refined/.

Each record in web/data/interventions.json includes is_proactive to distinguish proactive / metrics-only cases.

• Total Losses: $78,805,538,747
• Total Prevented: $2,511,574,380 (from all interventions dataset)
• Total Prevented (Metrics Subset): $1,666,149,380
• LIF-Relevant Cases: 601
• Systemic Failures: 10 cases ($61.80B)
• Other Non-Addressable: 94 cases ($7.41B)

legitimate-intervention-framework/
├── data/
│   └── refined/
│       ├── lif_exploits_final.csv          # Main exploits dataset
│       ├── lif_all_interventions.csv       # Intervention cases
│       └── lif_intervention_metrics.csv    # High-fidelity metrics
├── methodology/
│   ├── data_dictionary.md                  # Field definitions
│   ├── dataset_summary.md                  # Statistics & overview
│   ├── data_provenance.md                  # Data sources
│   └── intervention_datasets.md            # Intervention methodology
└── README.md                               # This file

import pandas as pd

# Load exploits dataset
exploits = pd.read_csv('data/refined/lif_exploits_final.csv')

# Load interventions
interventions = pd.read_csv('data/refined/lif_all_interventions.csv')

# Load high-fidelity metrics
metrics = pd.read_csv('data/refined/lif_intervention_metrics.csv')

• Website Documentation - Architecture, design system, chart pipeline, deployment
• Data Dictionary - Complete field definitions
• Dataset Summary - Statistics and overview
• Data Provenance - Sources and methodology
• Intervention Methodology - Intervention classification

• Standardized Format: Consistent incident_id format (PROTOCOL-YYYY-MM-DD)
• High Quality: All cases manually reviewed and validated
• Complete Coverage: Ecosystem classifications (EVM, Non-EVM, CeFi, etc.)
• Intervention Data: Timing, scope, authority, and effectiveness metrics
• Source Attribution: All cases linked to primary sources

• Research Paper: https://github.com/e3o8o/legitimate-overrides-paper
  Academic paper by Oghenekaro Elem & Nimrod Talmon: "Legitimate Overrides in Decentralized Protocols."

ArXiv: https://arxiv.org/pdf/2602.12260

• IPFS gateway: https://ipfs.io/ipfs/bafybeiaik6otc54wklfhchk6jr4z7ezh4cjhzu3jilvaesnkmdumxnkcoq/

• The public database view is now intended to read a frozen public exploit/intervention snapshot through the live AUK API via a same-origin Cloudflare Pages proxy.
• The chart layer remains backed by static aggregated JSON in web/data/charts/ and web/data/series/.
• Local fallback files under web/data/ are aligned to the normalized infrastructure JSON contract rather than the older website-specific envelope export.

This dataset is provided for research purposes. Please cite appropriately when using in academic work.

For questions or issues, please open a GitHub issue or contact x.com/elemoghenekaro.