BlackHartBlackHart
Scores/rhino.fi/Provenance/Supply Chain
D8

Supply Chain

Compiler version CVEs, library dependencies, build reproducibility, and proxy pattern risk.

Weight 4%65% confidence
68
Moderate
info

How This Score Is Built

Compiler version CVEs, library dependencies, build reproducibility, and proxy pattern risk.

+23Strong positive
+12Positive
+5Slight positive
−15Strong negative
−8Negative
−3Slight negative

Score Composition

-32

StarkWare infrastructure dependency creates supply chain risk

Negativeopen_in_newGitHub Supply ChainMay 4, 2026
+23

StarkEx settlement layer (StarkWare proprietary dependency)

Positiveopen_in_newGitHub Supply ChainMay 4, 2026
+23

OpenZeppelin upgradeable contracts

Positiveopen_in_newGitHub Supply ChainMay 4, 2026
+23

Standard Solidity dependencies

Positiveopen_in_newGitHub Supply ChainMay 4, 2026

Evidence Chain (2 files)

GitHub APIMay 17, 2026, 06:58 PM
open_in_newGitHub (/)
sha256:805d8bf6c6d5...
BlackHart AnalysisMay 4, 2026, 10:30 PM
open_in_newSupply Chain — GitHub Supply Chain
sha256:4ba9cecb8b78...

Score History

Automated pipeline dimension update
How is Supply Chainscored? →← Back to Provenance Ledger