Symbiotic
DAMASCUSRestaking · Ethereum · $1B+ TVL · 15 contracts
Confidence 52%Z-Factor 0.55Updated 2026-05-17Public Score
Public risk assessment — scores are produced with the same methodology as monitored protocols
767
BRI Score
3004756508251000
Security Profile
Access Control
72
72
Economic Soundness
68
68
Oracle Integrity
82
82
Compositional Risk
62
62
Governance
50
50
Maturity
52
52
Resilience
87
87
Supply Chain
80
80
Op Security
50
50
Cascade Exposure
89
89
Access Ctrl
72
72
Economic
68
68
Oracle
82
82
Compos.
62
62
Govern.
50
50
Maturity
52
52
Resilience
87
87
Supply Ch.
80
80
OpSec
50
50
Cascade
89
89
Min
50
Avg
69
Max
89
Audit History
Statemind
2024-06
Cantina Competition
2024-08
Bug Bounty Program
$500,000
Max payout on Immunefi
Assessment
Young restaking protocol with extreme centralization (D5=50), low maturity (D6=52), and high compositional risk (D4=62). Economic model untested (D2=68). Similar risk profile to early EigenLayer but even younger.
Dimension Breakdown
How scores work →Access Control
Weight 18%74% conf
72
arrow_forwardGood
+18Modular vault-operator-network permission model
+18Complex slasher/resolver role system
+18Vault deployment is permissionless
+18Emergency mechanisms still centralized
receipt_longView provenance chainarrow_forward
Economic Soundness
Weight 13%68% conf
68
arrow_forwardModerate
+68Restaking economics untested under stress
-11Slashing conditions defined per network (variable risk)
-11Correlated slashing risk across networks sharing operators
-11No proven track record of slashing mechanism functioning correctly
receipt_longView provenance chainarrow_forward
Oracle Integrity
Weight 13%76% conf
82
arrow_forwardStrong
-9Minimal oracle dependency in core protocol
+41Network-level oracle deps scoped per-service
-9ETH-native staking accounting (no external price feeds)
+41Slashing oracle trust assumptions per network
receipt_longView provenance chainarrow_forward
Battle-Tested Maturity
Weight 12%72% conf
52
arrow_forwardConcerning
+10Live since June 2024 (<1 year)
+10Novel restaking design with limited operational history
+10Experienced founders but new organization
+10Audited by Statemind, Sigma Prime
receipt_longView provenance chainarrow_forward
Governance & Upgradeability
Weight 10%78% conf
50
arrow_forwardConcerning
+50Highly centralized early-stage governance
-17Team multisig with no visible timelock
-17No token governance yet
-17Paradigm/Lido founders provide credibility but not decentralization
receipt_longView provenance chainarrow_forward
Adversarial Resiliencelock
Weight 10%95% conf
87
Strong
- Score derived from continuous adversarial security research
Operational Security
Weight 10%60% conf
50
arrow_forwardConcerning
-8No branch protection detected
+25Active CI/CD (100% success rate)
-8Minimal development activity (0 commits/month)
-8Incident response time not available (using commit frequency proxy)
receipt_longView provenance chainarrow_forward
Compositional Risk
Weight 5%70% conf
62
arrow_forwardModerate
+21Extreme compositional surface: any network can compose
-38Shared security model means correlated risk across networks
+21Vault-operator-network triad creates complex interaction surface
+21Bad network slashing can cascade to delegators
receipt_longView provenance chainarrow_forward
Cascade Exposure
Weight 5%60% conf
89
arrow_forwardStrong
+30Appears in 2 cross-protocol cascade chain(s)
+30Member of 2 dependency cluster(s)
-11Score: 89/100 (higher = more isolated from systemic risk)
+30Source: cross_protocol_composition.json dependency analysis
receipt_longView provenance chainarrow_forward
Supply Chain
Weight 4%76% conf
80
arrow_forwardStrong
+20Modular design with clean dependency graph
+20Standard OpenZeppelin libraries
+20Vault factory patterns for deployment
+20Modern Solidity versions
receipt_longView provenance chainarrow_forward
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Governance & Upgradeability50
Operational Security50
Battle-Tested Maturity52
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "symbiotic"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
Read Score
registry.getScore("symbiotic")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.