Scores/Balancer

Balancer

DAMASCUS

DEX / AMM · Multi-chain · $2B+ TVL · 20 contracts

Official site: balancer.fi ↗

849

3004756508251000

Confidence80%

Z-Factor0.89

Updated 2026-05-27Public score

Security Profile

Access Control
85

Economic Soundness
82

Oracle Integrity
85

Compositional Risk
78

Governance
85

Maturity
82

Resilience
59

Supply Chain
85

Op Security
58

Cascade Exposure
100

Access Ctrl
85

Economic
82

Oracle
85

Compos.
78

Govern.
85

Maturity
82

Resilience
59

Supply Ch.
85

OpSec
58

Cascade
100

Min

Avg

Max

100

Audit History

Trail of Bits

2020-03

OpenZeppelin

2021-11

Certora (Formal)

2023-01

Bug Bounty Program

$1,000,000

Max payout on Immunefi

View Program

Assessment

Innovative weighted AMM with deep composability. D4 penalized for rate provider chains and nested pool complexity. D2 reflects boosted pool economic complexity. Solid 66-month track record with no drains.

Dimension Breakdown

Methodology

Access Control

Weight 18% · 82% confidence

+21Authorizer contract with granular role-based permissions

+21Emergency DAO multisig for critical actions

+21Timelock on governance parameter changes

+21Pool-level admin delegated to pool creators

Provenance

Economic Soundness

Weight 13% · 78% confidence

+20Weighted pools with generalized AMM math

+20Boosted pools add yield-bearing complexity

+20Rate provider mechanism for LST/wrapped assets

+20Flash loans available but bounded by pool liquidity

Provenance

Oracle Integrity

Weight 13% · 80% confidence

+28Rate providers for LST pricing (stETH, rETH, etc.)

+28Chainlink integration for external price feeds

-15Rate provider chain introduces oracle composition risk

+28Price manipulation bounded by pool depth

Provenance

Battle-Tested Maturity

Weight 12% · 88% confidence

+16V1 live since 2020, V2 since 2021 (66+ months org history)

+16No protocol-level drain exploit

+16Rate provider vulnerabilities found but contained

+16Multiple audit firms over lifetime

Provenance

Governance & Upgradeability

Weight 10% · 82% confidence

+21veBAL governance model with voting escrow

+21Emergency multisig for rapid response

+21Active governance participation

+21Balancer DAO manages protocol parameters

Provenance

Adversarial Resilienceredacted

Weight 10% · 95% confidence

Score derived from continuous adversarial security research

Provenance

Operational Security

Weight 10% · 60% confidence

-42No branch protection detected

+12Active CI/CD (100% success rate)

+12Commit signing: 100% verified

+12Strong PR review culture (97% reviewed)

Provenance

Compositional Risk

Weight 5% · 75% confidence

+20Boosted pools compose with external yield sources

+20Nested pools create multi-layer composition

+20Rate provider chains can propagate pricing errors

+20Deep DeFi integration (Aura, Gyroscope, etc.)

Provenance

Cascade Exposure

Weight 5% · 55% confidence

100

+33Appears in 1 cross-protocol cascade chain(s)

+33Member of 3 dependency cluster(s)

+33Source: cross_protocol_composition.json dependency analysis

Provenance

Supply Chain

Weight 4% · 82% confidence

+21OpenZeppelin base libraries

+21Complex custom math libraries (LogExpMath, FixedPoint)

+21Well-maintained dependency set

+21Verified on all deployment chains

Provenance

Top Score Drivers

Dimensions with the greatest marginal impact on BRI.

Operational Security

58+30.8 potential

No branch protection detected

Adversarial Resilience

59+29.8 potential

Access Control

85+16.3 potential

Authorizer contract with granular role-based permissions

Economic Soundness

82+14.4 potential

Weighted pools with generalized AMM math

Battle-Tested Maturity

82+13.2 potential

V1 live since 2020, V2 since 2021 (66+ months org history)

Adversarial Risk Signals

Publicly verifiable security posture indicators.

Disclosure HistoryNot Assessed

Remediation VelocityNot Assessed

Bug Bounty ProgramNot Assessed

Audit CoverageNot Assessed

Incident HistoryNot Assessed

Deployed 2020-04-2010 dimensionsProvenance Ledger

methodology v2.1formula v1.1weights v1.1evidence sha256:sha256:e...

Score History & Verification

Score provenance tracking begins with the next reassessment.

Full provenance ledger

On-Chain Data

Protocol Slug: "balancer"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours

Read Score

registry.getScore("balancer")

Reduce exploitable risk

Continuous adversarial analysis, vulnerability detection, and verified reassessment.

View Plans Methodology

Embed this score

Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.

Public

Style

Theme

Format

Preview

Copy iframe code

<iframe
  src="https://blackhart.io/embed/oracle/balancer?variant=card&theme=dark"
  title="BlackHart Risk Index: Balancer"
  width="340"
  height="290"
  frameborder="0"
  loading="lazy"
  style="border:0; max-width:100%;"
></iframe>

Believe this score contains a factual error? Submit evidence for review