Angle Protocol
DAMASCUSStablecoin · Multi-chain · $200M+ TVL · 15 contracts
Confidence 77%Z-Factor 0.80Updated 2026-05-17Public Score
Public risk assessment — scores are produced with the same methodology as monitored protocols
780
BRI Score
3004756508251000
Security Profile
Access Control
78
78
Economic Soundness
72
72
Oracle Integrity
65
65
Compositional Risk
75
75
Governance
68
68
Maturity
75
75
Resilience
50
50
Supply Chain
82
82
Op Security
50
50
Cascade Exposure
100
100
Access Ctrl
78
78
Economic
72
72
Oracle
65
65
Compos.
75
75
Govern.
68
68
Maturity
75
75
Resilience
50
50
Supply Ch.
82
82
OpSec
50
50
Cascade
100
100
Min
50
Avg
72
Max
100
Audit History
Chainsecurity
2021-10
Sigma Prime
2023-06
Code4rena
2023-09
Bug Bounty Program
$250,000
Max payout on Immunefi
Assessment
Well-audited EUR stablecoin with simple architecture but smaller team, limited adversarial exposure, and oracle complexity. Below DAMASCUS due to Guardian centralization risks, opaque oracle config, and lack of active bounty program. Above FORGED due to clean audit history, standard patterns, and no exploit history.
Dimension Breakdown
How scores work →Access Control
Weight 18%80% conf
78
arrow_forwardGood
+39Two-tier access: onlyGovernor (full power) + onlyGuardian (ops/fees)
+39Minter role pattern on AgToken restricts supply inflation
-11Guardian can set fees and pause without timelock -- ops flexibility vs risk tradeoff
-11No granular per-collateral admin roles (single Guardian controls all)
receipt_longView provenance chainarrow_forward
Economic Soundness
Weight 13%70% conf
72
arrow_forwardGood
+241:1 swap model with fee curves avoids complex liquidation logic
-9Savings vault uses linear rate accrual (no compounding rounding risk)
+24Rate capped by maxRate governor param prevents runaway yield
-9No flash mint capability limits inflation attack surface
receipt_longView provenance chainarrow_forward
Oracle Integrity
Weight 13%68% conf
65
arrow_forwardModerate
+13Oracle config per collateral -- flexible but complex
+13Supports Chainlink, Redstone, Pyth, custom feeds
+13updateOracle is permissionless -- anyone can trigger refresh
+13Oracle config is opaque bytes blob -- harder to audit on-chain
receipt_longView provenance chainarrow_forward
Battle-Tested Maturity
Weight 12%78% conf
75
arrow_forwardGood
+15Protocol live since Nov 2021 (42 months), Transmuter since Jun 2023
-25No critical exploits on current Transmuter architecture
+15V1 (StableMaster) deprecated -- clean migration to V2
+15Multiple audits: Chainsecurity, Code4rena, Sigma Prime
receipt_longView provenance chainarrow_forward
Governance & Upgradeability
Weight 10%65% conf
68
arrow_forwardModerate
+14OZ Governor with veANGLE voting -- standard pattern
+14Timelock on execution path for governance proposals
+14Guardian multisig has significant direct power (fees, pause, rates)
+14Guardian can effectively DoS protocol by pausing all collaterals
receipt_longView provenance chainarrow_forward
Adversarial Resiliencelock
Weight 10%30% conf
50
Concerning
- No active bug bounty program on major platforms currently
- Code4rena contest found issues in V2 design phase
- Transmuter architecture is simpler than V1 -- reduced attack surface
- EUR-focused protocol receives less adversarial attention than USD stablecoins
Operational Security
Weight 10%50% conf
50
arrow_forwardConcerning
-8No branch protection detected
-8No CI/CD pipeline detected
+25Commit signing: 87% verified
+25Strong PR review culture (77% reviewed)
receipt_longView provenance chainarrow_forward
Compositional Risk
Weight 5%72% conf
75
arrow_forwardGood
+25Simple architecture: Token + Transmuter + Savings (3 core contracts)
+25ERC-4626 standard for savings enables clean integration
-12Minimal external DeFi dependencies in core
+25Collateral tokens are external dependency surface
receipt_longView provenance chainarrow_forward
Cascade Exposure
Weight 5%50% conf
100
arrow_forwardExcellent
+50Member of 2 dependency cluster(s)
0No cross-protocol cascade exposure detected
0Score: 100/100 (higher = more isolated from systemic risk)
+50Source: cross_protocol_composition.json dependency analysis
receipt_longView provenance chainarrow_forward
Supply Chain
Weight 4%80% conf
82
arrow_forwardStrong
-18Solidity 0.8.x with built-in overflow protection
+41Verified source on Etherscan
+41Standard dependency management
receipt_longView provenance chainarrow_forward
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Resilience50
Operational Security50
Oracle Integrity65
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "angle"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
Read Score
registry.getScore("angle")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.