BlackHart

Beefy Finance

TEMPERED

Yield Aggregator · Multi-chain · $300M+ TVL · 20 contracts

Confidence 67% · Z-Factor 0.85 · Updated 2026-05-17 · Public Score

Public risk assessment — scores are produced with the same methodology as monitored protocols

BRI Score: 721 (gauge scale: 300, 475, 650, 825, 1000)

Security Profile

Access Ctrl: 55
Economic: 60
Oracle: 75
Compos.: 35
Govern.: 50
Maturity: 80
Resilience: 50
Supply Ch.: 65
OpSec: 54
Cascade: 100

Min: 35 · Avg: 62 · Max: 100

Audit History

Certik: 2021-01
Peckshield: 2022-06

Bug Bounty Program

$100,000
Max payout on Immunefi

Assessment

Beefy is architecturally simple per vault (positive) but has a critical third-party farm dependency that transfers all risk externally (negative). Its 67-month maturity and survival through one exploit provide a solid track record. The D4 compositional risk score of 35 is the anchor -- each vault is only as safe as its underlying farm. The absence of cross-vault contagion limits systemic risk. Comparable to Yearn V2 in architecture but with a wider chain surface.

Dimension Breakdown

Access Control
Weight 18% · 70% conf
Score 55 · Moderate
-11 Owner-based ACL (no role separation: owner controls strategy migration, token rescue, fee config)
+55 Strategy has separate keeper/strategist/manager roles but all controlled by same Beefy team
-11 No on-chain timelock for most admin functions (only strategy migration has approvalDelay)
-11 Vault owner can call inCaseTokensGetStuck (rescue) but cannot touch want token

Economic Soundness
Weight 13% · 65% conf
Score 60 · Moderate
+15 Simple share/asset model (deposit/withdraw). getPricePerFullShare should be monotonic.
-40 No flash loan surface in vault itself
+15 First-depositor inflation attack possible on fresh vaults without dead shares
+15 Performance fee capped but fee config is external contract (modifiable)

Oracle Integrity
Weight 13% · 50% conf
Score 75 · Good
-8 Vault does not use price oracles directly (no liquidation, no collateral)
-8 Strategy swap routing relies on DEX spot prices (no TWAP protection in base)
+38 getPricePerFullShare is an implicit oracle used by external integrators
+38 Some strategies use Chainlink for swap path optimization (varies per strategy)

Battle-Tested Maturity
Weight 12% · 80% conf
Score 80 · Strong
+13 Beefy live since October 2020 (67+ months)
+13 Vault V7 is latest iteration, evolved from V1-V6
+13 ~$350M TVL across 20+ chains, hundreds of vaults
+13 One significant exploit in 2022 (Fantom strategy vulnerability, ~$11M)

Governance & Upgradeability
Weight 10% · 60% conf
Score 50 · Concerning
+12 Beefy operates as a DAO with BIFI token governance
+12 Core team controls strategy deployments and vault parameters
+12 Strategy migration has timelock (approvalDelay) but owner controls
-50 No formal on-chain governance for parameter changes

Adversarial Resilience
Weight 10% · 30% conf
Score 50 · Concerning
  • Immunefi bounty program active
  • Multiple community audits but no top-tier formal audit of core vault
  • Simple per-vault architecture limits blast radius
  • Third-party farm dependency is the weakest adversarial link

Operational Security
Weight 10% · 60% conf
Score 54 · Concerning
-8 No branch protection detected
+27 Active CI/CD (100% success rate)
-8 Weak PR review coverage (17%)
-8 Low development activity (4 commits/month)

Compositional Risk
Weight 5% · 75% conf
Score 35 · Critical
+9 CRITICAL DIMENSION: Each vault depends entirely on its underlying farm protocol
+9 Strategy calls external farm.deposit/withdraw/getReward -- any farm exploit = total loss
+9 Swap via unirouter: external DEX dependency for every harvest
+9 Multi-chain deployment means different farms, routers, bridges per chain

Cascade Exposure
Weight 5% · 55% conf
Score 100 · Excellent
+33 Appears in 1 cross-protocol cascade chain(s)
+33 Member of 2 dependency cluster(s)
0 Score: 100/100 (higher = more isolated from systemic risk)
+33 Source: cross_protocol_composition.json dependency analysis

Supply Chain
Weight 4% · 55% conf
Score 65 · Moderate
+16 Uses OpenZeppelin for ERC20, Ownable, ReentrancyGuard
-35 Solidity 0.8.x (overflow protection built-in)
+16 Strategy code is templated but each farm integration is custom
+16 Hundreds of strategy contracts, each a potential supply chain entry point

Risk Drivers

Primary risk factors driving this score, ordered by severity.

Compositional Risk: 35
Governance & Upgradeability: 50
Adversarial Resilience: 50

Adversarial Risk Signals

Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.

Disclosure History: Not Assessed
Remediation Velocity: Not Assessed
Bug Bounty Program: Not Assessed
Audit Coverage: Not Assessed
Incident History: Not Assessed

Deployed 2020-10-08 · Z-Factor 0.850 · 10 active dimensions

Score History & Verification

Score provenance tracking begins with the next reassessment.

On-Chain Data

Protocol Slug: "beefy"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours
Read Score: registry.getScore("beefy")

Reduce exploitable risk

BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.