BlackHartBlackHart
Scores/Ether.fi/Provenance/Access Control
D1

Access Control

Permission models, admin surface, reentrancy protection, and authorization boundaries. #1 exploit vector by dollar loss in DeFi history.

Weight 18%80% confidence
62
Moderate
info

How This Score Is Built

Permission models, admin surface, reentrancy protection, and authorization boundaries. #1 exploit vector by dollar loss in DeFi history.

+23Strong positive
+12Positive
+5Slight positive
−15Strong negative
−8Negative
−3Slight negative

Score Composition

+12

18 permissionless state-mutating functions out of 75 external

Strong positiveopen_in_newSource CodeMay 4, 2026
+12

roleRegistry.hasRole() provides runtime defense invisible to static analysis

Strong positiveopen_in_newSource CodeMay 4, 2026
+12

8/8 fork-validated redemption chains are HONEST_NEGATIVE (safeTransferFrom msg.sender pattern)

Strong positivecodeView in sourceopen_in_newSource CodeMay 4, 2026
+12

Lone-sink heuristic false positives inflate raw cell count

Strong positiveopen_in_newSource CodeMay 4, 2026
+12

deposit() is the only payable function

Strong positiveopen_in_newSource CodeMay 4, 2026

Evidence Chain (2 files)

GitHub APIMay 17, 2026, 06:58 PM
open_in_newGitHub (/)
sha256:160a70884ede...
BlackHart AnalysisMay 4, 2026, 09:00 PM
open_in_newAccess Control — Source Code
sha256:e3dae6f81059...

Score History

Automated pipeline dimension update
How is Access Controlscored? →← Back to Provenance Ledger