Post Mortem: Hector Network

2024-01-17 CertiK

https://www.certik.com/ko/resources/blog/post-mortem-hector-network


CertiK attributed the Hector Network exploit to centralization risk around a privileged moderator role in the project's redemption process. The affected contracts let a moderator call AddEligibleWallet to designate addresses that could later claim assets through mintWithdraw and transferRedemption, draining funds from the HectorRedemptionTreasury. CertiK said its December 2023 audit had already flagged the centralized role as a single point of failure, but the issue remained acknowledged rather than remediated because the client kept the design for operational reasons. The postmortem frames the $2.7 million withdrawal as outside the original audit scope but directly tied to the unresolved privileged-role risk.
