Balancer
DAMASCUSDEX / AMM · Multi-chain · $2B+ TVL · 20 contracts
Confidence 80%Z-Factor 0.89Updated 2026-05-17Public Score
Public risk assessment — scores are produced with the same methodology as monitored protocols
849
BRI Score
3004756508251000
Security Profile
Access Control
85
85
Economic Soundness
82
82
Oracle Integrity
85
85
Compositional Risk
78
78
Governance
85
85
Maturity
82
82
Resilience
59
59
Supply Chain
85
85
Op Security
58
58
Cascade Exposure
100
100
Access Ctrl
85
85
Economic
82
82
Oracle
85
85
Compos.
78
78
Govern.
85
85
Maturity
82
82
Resilience
59
59
Supply Ch.
85
85
OpSec
58
58
Cascade
100
100
Min
58
Avg
80
Max
100
Audit History
Trail of Bits
2020-03
OpenZeppelin
2021-11
Certora (Formal)
2023-01
Bug Bounty Program
$1,000,000
Max payout on Immunefi
Assessment
Innovative weighted AMM with deep composability. D4 penalized for rate provider chains and nested pool complexity. D2 reflects boosted pool economic complexity. Solid 66-month track record with no drains.
Dimension Breakdown
How scores work →Access Control
Weight 18%82% conf
85
arrow_forwardStrong
+21Authorizer contract with granular role-based permissions
+21Emergency DAO multisig for critical actions
+21Timelock on governance parameter changes
+21Pool-level admin delegated to pool creators
receipt_longView provenance chainarrow_forward
Economic Soundness
Weight 13%78% conf
82
arrow_forwardStrong
+20Weighted pools with generalized AMM math
+20Boosted pools add yield-bearing complexity
+20Rate provider mechanism for LST/wrapped assets
+20Flash loans available but bounded by pool liquidity
receipt_longView provenance chainarrow_forward
Oracle Integrity
Weight 13%80% conf
85
arrow_forwardStrong
+28Rate providers for LST pricing (stETH, rETH, etc.)
+28Chainlink integration for external price feeds
-15Rate provider chain introduces oracle composition risk
+28Price manipulation bounded by pool depth
receipt_longView provenance chainarrow_forward
Battle-Tested Maturity
Weight 12%88% conf
82
arrow_forwardStrong
+20V1 live since 2020, V2 since 2021 (66+ months org history)
-18No protocol-level drain exploit
+20Rate provider vulnerabilities found but contained
+20Multiple audit firms over lifetime
receipt_longView provenance chainarrow_forward
Governance & Upgradeability
Weight 10%82% conf
85
arrow_forwardStrong
+21veBAL governance model with voting escrow
+21Emergency multisig for rapid response
+21Active governance participation
+21Balancer DAO manages protocol parameters
receipt_longView provenance chainarrow_forward
Adversarial Resiliencelock
Weight 10%95% conf
59
Moderate
- Score derived from continuous adversarial security research
Operational Security
Weight 10%60% conf
58
arrow_forwardModerate
-10No branch protection detected
+14Active CI/CD (100% success rate)
+14Commit signing: 100% verified
+14Strong PR review culture (97% reviewed)
receipt_longView provenance chainarrow_forward
Compositional Risk
Weight 5%75% conf
78
arrow_forwardGood
+20Boosted pools compose with external yield sources
+20Nested pools create multi-layer composition
+20Rate provider chains can propagate pricing errors
+20Deep DeFi integration (Aura, Gyroscope, etc.)
receipt_longView provenance chainarrow_forward
Cascade Exposure
Weight 5%55% conf
100
arrow_forwardExcellent
+33Appears in 1 cross-protocol cascade chain(s)
+33Member of 3 dependency cluster(s)
0Score: 100/100 (higher = more isolated from systemic risk)
+33Source: cross_protocol_composition.json dependency analysis
receipt_longView provenance chainarrow_forward
Supply Chain
Weight 4%82% conf
85
arrow_forwardStrong
+21OpenZeppelin base libraries
+21Complex custom math libraries (LogExpMath, FixedPoint)
+21Well-maintained dependency set
+21Verified on all deployment chains
receipt_longView provenance chainarrow_forward
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Operational Security58
Adversarial Resilience59
Compositional Risk78
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "balancer"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
Read Score
registry.getScore("balancer")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.