Scores/Kinetiq

Kinetiq

TEMPERED

Liquid Staking · Hyperliquid · $1.1B+ TVL · 8 contracts

Official site: kinetiq.xyz ↗

688

3004756508251000

Confidence51%

Z-Factor0.65

Updated 2026-06-01Public score

Security Profile

Access Control
55

Economic Soundness
53

Oracle Integrity
54

Compositional Risk
62

Governance
62

Maturity
44

Resilience
56

Supply Chain
80

Cross-Chain Messaging
42

Op Security
60

Cascade Exposure
82

Access Ctrl
55

Economic
53

Oracle
54

Compos.
62

Govern.
62

Maturity
44

Resilience
56

Supply Ch.
80

X-Chain
42

OpSec
60

Cascade
82

Min

Avg

Max

Audit History

Pashov Audit Group

2025-03Report

Zenith

2025-03Report

Code4rena

2025-04Report

Spearbit

2025-06Report

Pashov Audit Group

2025-11Report

Zenith

2025-11Report

Spearbit

2025-11Report

Spearbit

2026-01Report

Bug Bounty Program

$5,000,000

Max payout on Cantina

View Program

Assessment

Young (~14mo since first audited deployment, public mainnet 2025-07-15) liquid-staking protocol on a new L1 (Hyperliquid) with a large validated-vulnerability inventory (validated tier 7C/2H/6M out of 103 tracked) including multiple passing-PoC permissionless defects. BUT strong mitigating evidence read directly on-chain: a 4-of-8 Gnosis Safe multisig holds all admin/upgrade/pause power (NOT a single key), the OracleManager sanityChecker is LIVE, the live exchange rate is healthy, TVL ~$1.15B is real and sustained, and the protocol carries EIGHT external audits (Pashov/Zenith/C4/Spearbit) plus a continuous $5M Cantina bounty. These lift D1(55)/D5(62)/D11(60) above the baseline and push the composite from 649 (FORGED) to 688 (TEMPERED). The activated D10 (42, weak EVM<->L1 bridge) pulls back down, which is the honest direction. Sits at the FORGED/TEMPERED boundary — appropriate for a heavily-audited but young, single-operator-driven LST on a novel L1.

Dimension Breakdown

Methodology

12 dimensions · Updated 2026-06-01

Additional Dimensions

Top Score Drivers

Dimensions with the greatest marginal impact on BRI.

Access Control

55+40.9 potential

MIN_VALID_ORACLES = 1 confirmed live (cast) — single-oracle aggregation, weak quorum

Battle-Tested Maturity

44+37.3 potential

EIGHT external audits across 2025-2026: Pashov (2025-03-06, 2025-11-23), Zenith (2025-03-17, 2025-11-24), Code4rena (2025-04-16), Spearbit (2025-06-24, 2025-11-27, 2026-01-15) — heavy, ongoing professional scrutiny by top firms. Raised D6 from 35 to 44.

Economic Soundness

53+31 potential

CONFIRMED Critical (#2256, passing PoC): StakingAccountant._getExchangeRatio 'totalStaked + rewardsAmount - totalClaimed - slashingAmount' is unchecked subtraction — permanent underflow brick when slashing exceeds headroom; no admin function reduces totalSlashing. Verified in source. NOTE: live sanityChecker now bounds the slashing delta magnitude, raising the activation cost vs the original address(0) premise.

Oracle Integrity

54+30 potential

ON-CHAIN (cast): OracleManager.sanityChecker = 0x8B641D61f1e8811038bC99ADA1685b261DA2797D (LIVE, has code) — the optional bounds layer IS deployed and active, refuting the address(0) premise in findings #2256/#2258/#174. This is the single biggest D3 confidence/score lift (48 -> 54).

Cross-Chain Messaging

42+24.3 potential

L1Write is FIRE-AND-FORGET: emits events, never reverts, returns nothing — the EVM contract cannot verify the L1 op actually executed (no read-after-write reconciliation). This is the core cross-chain weakness.

Adversarial Risk Signals

Publicly verifiable security posture indicators.

Disclosure HistoryNot Assessed

Remediation VelocityNot Assessed

Bug Bounty ProgramNot Assessed

Audit CoverageNot Assessed

Incident HistoryNot Assessed

Deployed 2025-07-1511 dimensionsProvenance Ledger

methodology v2.1formula v1.1weights v1.1

Score History & Verification

Score provenance tracking begins with the next reassessment.

Full provenance ledger

On-Chain Data

Protocol Slug: "kinetiq"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours

Read Score

registry.getScore("kinetiq")

Reduce exploitable risk

Continuous adversarial analysis, vulnerability detection, and verified reassessment.

Embed this score

Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.

Public

Style

Theme

Format

Preview

Copy iframe code

<iframe
  src="https://blackhart.io/embed/oracle/kinetiq?variant=card&theme=dark"
  title="BlackHart Risk Index: Kinetiq"
  width="340"
  height="290"
  frameborder="0"
  loading="lazy"
  style="border:0; max-width:100%;"
></iframe>

Believe this score contains a factual error? Submit evidence for review