BlackHartBlackHart
Scores/SushiSwap

SushiSwap

DAMASCUS

DEX / AMM · Multi-chain · $500M+ TVL · 25 contracts

Confidence 62%Z-Factor 0.87Updated 2026-05-17Public Score

Public risk assessment — scores are produced with the same methodology as monitored protocols

795
BRI Score
3004756508251000

Security Profile

Access Ctrl
72
Economic
78
Oracle
82
Compos.
65
Govern.
55
Maturity
82
Resilience
68
Supply Ch.
75
OpSec
48
Cascade
100
Min
48
Avg
73
Max
100

Audit History

Peckshield
2020-10
Quantstamp
2021-03
Trail of Bits
2023-01

Bug Bounty Program

$250,000
Max payout on Immunefi
View Program →

Assessment

Uniswap V2 fork with 67+ months live and battle-tested core AMM. Historical governance turbulence and the 2023 RouteProcessor exploit on periphery contracts reduce confidence. BentoBox ecosystem adds significant composition complexity.

Dimension Breakdown

How scores work →
Access Control
Weight 18%75% conf
72
Good
arrow_forward
+18Multisig admin control
+18Router contracts with broad permissions
+18BentoBox vault has complex access model
+18Historical governance turbulence
receipt_longView provenance chainarrow_forward
Economic Soundness
Weight 13%78% conf
78
Good
arrow_forward
+20Proven AMM model (Uniswap V2 fork)
+20xSUSHI staking model straightforward
+20Trident multi-pool architecture adds complexity
+20Fee distribution well-tested
receipt_longView provenance chainarrow_forward
Oracle Integrity
Weight 13%80% conf
82
Strong
arrow_forward
+27TWAP oracle from Uniswap V2 model
-18No external oracle dependency in core
+27BentoBox strategies may use external oracles
+27Oracle manipulation resistant via time-weighting
receipt_longView provenance chainarrow_forward
Battle-Tested Maturity
Weight 12%82% conf
82
Strong
arrow_forward
+20Live since September 2020 (67+ months)
+20Survived governance crises
+20Uniswap V2 fork means core AMM code is battle-tested
+20Multiple products have varying maturity levels
receipt_longView provenance chainarrow_forward
Governance & Upgradeability
Weight 10%70% conf
55
Moderate
arrow_forward
+18Historical governance instability (chef controversy)
+18Multisig controls significant parameters
+18SUSHI token governance maturing
-45No meaningful timelock on many operations
receipt_longView provenance chainarrow_forward
Adversarial Resiliencelock
Weight 10%72% conf
68
Moderate
  • RouteProcessor exploit in 2023 ($3.3M)
  • Active bug bounty program
  • Core AMM unaffected by exploits (periphery was hit)
  • Multiple audit firms across products
Operational Security
Weight 10%60% conf
48
Concerning
arrow_forward
-9No branch protection detected
-9CI/CD present but unstable (0% success)
+24Commit signing: 52% verified
-9Weak PR review coverage (8%)
receipt_longView provenance chainarrow_forward
Compositional Risk
Weight 5%70% conf
65
Moderate
arrow_forward
+16BentoBox adds deep composition surface
+16Kashi lending on BentoBox
+16Cross-chain deployments with varying security
+16Multiple product lines increase surface area
receipt_longView provenance chainarrow_forward
Cascade Exposure
Weight 5%55% conf
100
Excellent
arrow_forward
+33Appears in 1 cross-protocol cascade chain(s)
+33Member of 1 dependency cluster(s)
0Score: 100/100 (higher = more isolated from systemic risk)
+33Source: cross_protocol_composition.json dependency analysis
receipt_longView provenance chainarrow_forward
Supply Chain
Weight 4%78% conf
75
Good
arrow_forward
+19Standard Solidity
+19Fork of audited Uniswap V2 code
+19BentoBox adds dependencies
+19Verified on multiple chains
receipt_longView provenance chainarrow_forward

Risk Drivers

Primary risk factors driving this score, ordered by severity.

Operational Security48
Governance & Upgradeability55
Compositional Risk65

Adversarial Risk Signals

Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.

Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Deployed 2020-09-09Z-Factor 0.87010 active dimensionsreceipt_longProvenance Ledger

Score History & Verification

Score provenance tracking begins with the next reassessment.

receipt_longView full provenance ledger →

On-Chain Data

Protocol Slug
"sushiswap"
Oracle
BRORegistry (Base)
Evidence
IPFS (pinned)
Staleness Threshold
24 hours
Read Score
registry.getScore("sushiswap")

Reduce exploitable risk

BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.

View Monitoring PlansHow Scores Work
Believe this score contains a factual error? Submit evidence for review →