BlackHartBlackHart
Scores/Maple Finance

Maple Finance

DAMASCUS

Institutional Lending · Ethereum + Solana · $500M+ TVL · 15 contracts

Confidence 70%Z-Factor 0.81Updated 2026-05-17Public Score

Public risk assessment — scores are produced with the same methodology as monitored protocols

814
BRI Score
3004756508251000

Security Profile

Access Ctrl
82
Economic
75
Oracle
85
Compos.
78
Govern.
78
Maturity
72
Resilience
50
Supply Ch.
82
OpSec
54
Cascade
100
Min
50
Avg
76
Max
100

Audit History

Trail of Bits
2021-07
Peckshield
2022-01
Three Sigma
2023-09

Bug Bounty Program

$1,000,000
Max payout on Immunefi
View Program →

Assessment

Institutional lending protocol that survived $50M bad debt from Celsius/Alameda. V2 rebuild addressed structural issues but historical event permanently impacts D6/D7. Undercollateralized lending inherently carries credit risk (D2).

Dimension Breakdown

How scores work →
Access Control
Weight 18%75% conf
82
Strong
arrow_forward
+20Pool delegates manage individual lending pools
+20Governor admin controls global parameters
+20Withdrawal manager controls redemption flow
+20Loan manager handles loan lifecycle
receipt_longView provenance chainarrow_forward
Economic Soundness
Weight 13%68% conf
75
Good
arrow_forward
-12Institutional undercollateralized lending (inherent credit risk)
+38Pool delegate due diligence is off-chain trust model
-12Celsius/Alameda bad debt exposed credit risk model
+38V2 improvements: better withdrawal mechanics, loan terms
receipt_longView provenance chainarrow_forward
Oracle Integrity
Weight 13%80% conf
85
Strong
arrow_forward
+28Internal accounting for loan terms and interest
-15No external price oracle dependency for core lending
+28Pool share pricing based on NAV calculation
+28Interest rate model is pool-delegate configured
receipt_longView provenance chainarrow_forward
Battle-Tested Maturity
Weight 12%72% conf
72
Good
arrow_forward
+18Live since May 2021 (60 months)
+18$50M+ bad debt from Celsius/Alameda collapse (2022)
-28V2 rebuild addressed structural weaknesses
+18Surviving and operational post-crisis
receipt_longView provenance chainarrow_forward
Governance & Upgradeability
Weight 10%70% conf
78
Good
arrow_forward
+20MPL token governance for protocol parameters
+20Pool delegate selection process
+20Governor multisig for emergency actions
+20Limited on-chain governance history
receipt_longView provenance chainarrow_forward
Adversarial Resiliencelock
Weight 10%30% conf
50
Concerning
  • No validated adversarial findings — score set to neutral baseline
Operational Security
Weight 10%60% conf
54
Concerning
arrow_forward
-12No branch protection detected
+14Active CI/CD (100% success rate)
+14Commit signing: 100% verified
-12Weak PR review coverage (11%)
receipt_longView provenance chainarrow_forward
Compositional Risk
Weight 5%72% conf
78
Good
arrow_forward
+20Stablecoin dependency (USDC primarily)
+20Integration with institutional borrowers (off-chain trust)
+20Withdrawal manager creates pool composition complexity
+20Limited DeFi composability by design
receipt_longView provenance chainarrow_forward
Cascade Exposure
Weight 5%50% conf
100
Excellent
arrow_forward
+50Member of 1 dependency cluster(s)
0No cross-protocol cascade exposure detected
0Score: 100/100 (higher = more isolated from systemic risk)
+50Source: cross_protocol_composition.json dependency analysis
receipt_longView provenance chainarrow_forward
Supply Chain
Weight 4%78% conf
82
Strong
arrow_forward
+20Standard Solidity with OpenZeppelin base
+20Verified contracts on Ethereum
+20Professional build pipeline
+20Moderate dependency complexity
receipt_longView provenance chainarrow_forward

Risk Drivers

Primary risk factors driving this score, ordered by severity.

Adversarial Resilience50
Operational Security54
Battle-Tested Maturity72

Adversarial Risk Signals

Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.

Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Deployed 2021-05-01Z-Factor 0.81010 active dimensionsreceipt_longProvenance Ledger

Score History & Verification

Score provenance tracking begins with the next reassessment.

receipt_longView full provenance ledger →

On-Chain Data

Protocol Slug
"maple"
Oracle
BRORegistry (Base)
Evidence
IPFS (pinned)
Staleness Threshold
24 hours
Read Score
registry.getScore("maple")

Reduce exploitable risk

BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.

View Monitoring PlansHow Scores Work
Believe this score contains a factual error? Submit evidence for review →