Origin Protocol
DAMASCUSYield / DeFi · Ethereum · $300M+ TVL · 15 contracts
Confidence 65%Z-Factor 0.80Updated 2026-05-17Public Score
Public risk assessment — scores are produced with the same methodology as monitored protocols
799
BRI Score
3004756508251000
Security Profile
Access Control
72
72
Economic Soundness
65
65
Oracle Integrity
72
72
Compositional Risk
58
58
Governance
55
55
Maturity
75
75
Resilience
90
90
Supply Chain
76
76
Op Security
68
68
Cascade Exposure
100
100
Access Ctrl
72
72
Economic
65
65
Oracle
72
72
Compos.
58
58
Govern.
55
55
Maturity
75
75
Resilience
90
90
Supply Ch.
76
76
OpSec
68
68
Cascade
100
100
Min
55
Avg
73
Max
100
Audit History
Trail of Bits
2021-05
OpenZeppelin
2023-01
Bug Bounty Program
$200,000
Max payout on Immunefi
Assessment
Yield aggregator that learned from 2020 exploit. High maturity (Z=0.945) but D2=65 reflects historical economic vulnerability. Wide composition surface from multi-strategy approach. Post-exploit security improvements are real but past exploit anchors risk perception.
Dimension Breakdown
How scores work →Access Control
Weight 18%70% conf
72
arrow_forwardGood
+18Vault-based architecture with strategist and governor roles
+18OUSD/OETH minting through controlled deposit flow
+18Strategy allocation controlled by strategist multisig
+18Timelock on governance actions
receipt_longView provenance chainarrow_forward
Economic Soundness
Weight 13%70% conf
65
arrow_forwardModerate
+16Yield-bearing stablecoins (OUSD, OETH) via strategy allocation
+16OUSD suffered $7M exploit in Nov 2020 (flash loan/reentrancy)
+16Rebasing token model adds economic complexity
+16Strategy diversification reduces single-point failure
receipt_longView provenance chainarrow_forward
Oracle Integrity
Weight 13%70% conf
72
arrow_forwardGood
+18Chainlink oracles for asset pricing
+18Vault share pricing depends on strategy valuation
+18OUSD/OETH peg relies on accurate underlying pricing
+18Historical exploit involved oracle-adjacent flash loan attack
receipt_longView provenance chainarrow_forward
Battle-Tested Maturity
Weight 12%75% conf
75
arrow_forwardGood
+15OUSD live since 2020 (70+ months), OETH since 2023
+15Experienced and survived $7M exploit (learned from it)
+15Multiple redesigns and security improvements post-exploit
+15Multiple audits (OpenZeppelin, Trail of Bits, Certora)
receipt_longView provenance chainarrow_forward
Governance & Upgradeability
Weight 10%65% conf
55
arrow_forwardModerate
+14OGN token governance exists
+14Team retains significant operational control
+14Strategist role has broad powers within guardrails
+14Timelock provides some governance safety
receipt_longView provenance chainarrow_forward
Adversarial Resiliencelock
Weight 10%95% conf
90
Excellent
- Score derived from continuous adversarial security research
Operational Security
Weight 10%60% conf
68
arrow_forwardModerate
-11No branch protection detected
+14Active CI/CD (80% success rate)
+14Commit signing: 100% verified
+14Strong PR review culture (93% reviewed)
receipt_longView provenance chainarrow_forward
Compositional Risk
Weight 5%68% conf
58
arrow_forwardModerate
+14Strategies compose across multiple DeFi protocols (Aave, Compound, Convex, etc.)
+14OUSD/OETH used as collateral in lending markets
+14Strategy diversity means wide composition surface
+14Rebasing token creates integration complexity for downstream
receipt_longView provenance chainarrow_forward
Cascade Exposure
Weight 5%50% conf
100
arrow_forwardExcellent
+50Member of 2 dependency cluster(s)
0No cross-protocol cascade exposure detected
0Score: 100/100 (higher = more isolated from systemic risk)
+50Source: cross_protocol_composition.json dependency analysis
receipt_longView provenance chainarrow_forward
Supply Chain
Weight 4%75% conf
76
arrow_forwardGood
+19OpenZeppelin dependencies
+19Strategy contracts interact with many external protocols
+19Standard Solidity stack
+19Wide dependency surface from strategy diversity
receipt_longView provenance chainarrow_forward
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Governance & Upgradeability55
Compositional Risk58
Economic Soundness65
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "origin"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
Read Score
registry.getScore("origin")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.