Scores/Concrete Protocol

Concrete Protocol

TEMPERED

Yield Vault · Ethereum · $100M+ TVL · 10 contracts

Official site: concrete.xyz ↗

688

3004756508251000

Confidence55%

Z-Factor0.48

Updated 2026-05-27Public score

Security Profile

Access Control
68

Economic Soundness
62

Oracle Integrity
70

Compositional Risk
55

Governance
42

Maturity
32

Resilience
50

Supply Chain
72

Op Security
47

Cascade Exposure
100

Access Ctrl
68

Economic
62

Oracle
70

Compos.
55

Govern.
42

Maturity
32

Resilience
50

Supply Ch.
72

OpSec
47

Cascade
100

Min

Avg

Max

100

Audit History

Cantina Competition

2024-11

Bug Bounty Program

$250,000

Max payout on Cantina

View Program

Assessment

Very new yield optimization protocol with minimal battle testing. Extremely low maturity (Z=0.143, D6=32) is the dominant risk factor. Governance centralization (D5=42) and unproven economics compound the risk. Score reflects high uncertainty.

Dimension Breakdown

Methodology

Access Control

Weight 18% · 55% confidence

+17Vault-based architecture with strategist controls

+17Admin roles for vault configuration and strategy allocation

+17Deposit/withdrawal access through vault interface

+17Limited public documentation on permission model

Provenance

Economic Soundness

Weight 13% · 52% confidence

+16Yield optimization via strategy rotation

+16Economic model unproven at scale

+16Fee structure not yet stress-tested

+16Token incentives may distort real yield

Provenance

Oracle Integrity

Weight 13% · 55% confidence

+18Standard oracle dependencies for asset pricing

+18Strategy valuation relies on underlying protocol oracles

+18Limited information on oracle failure handling

+18New protocol = oracle integration maturity unknown

Provenance

Battle-Tested Maturity

Weight 12% · 50% confidence

+32Mainnet since Q1 2026 (~3 months)

-17Extremely new protocol

-17Limited TVL and usage history

-17Initial audits completed but minimal battle testing

Provenance

Governance & Upgradeability

Weight 10% · 55% confidence

+10Team-controlled governance (early stage)

+10No meaningful decentralization yet

+10Vault parameters controlled by admin

+10Governance structure not yet established

Provenance

Adversarial Resilienceredacted

Weight 10% · 30% confidence

Maximum resilience under independent adversarial testing
Comprehensive security coverage across all attack surfaces
Mature codebase with extensive battle testing
No validated adversarial findings — score set to neutral baseline

Provenance

Operational Security

Weight 10% · 35% confidence

-26No branch protection detected

-26CI/CD present but unstable (0% success)

+16Strong PR review culture (100% reviewed)

+16Minimal development activity (0 commits/month)

Provenance

Compositional Risk

Weight 5% · 58% confidence

+14Yield optimization composes across DeFi protocols

+14Strategy allocation creates multi-protocol exposure

+14New strategies may add untested composition paths

+14Bounded by vault architecture but wide strategy surface

Provenance

Cascade Exposure

Weight 5% · 50% confidence

100

+33Member of 1 dependency cluster(s)

+33No cross-protocol cascade exposure detected

+33Source: cross_protocol_composition.json dependency analysis

Provenance

Supply Chain

Weight 4% · 60% confidence

+18Standard Solidity dependencies

+18Vault pattern from established libraries

+18Strategy contracts add dependency surface

+18New codebase = limited dependency audit depth

Provenance

Top Score Drivers

Dimensions with the greatest marginal impact on BRI.

Battle-Tested Maturity

32+56.9 potential

Mainnet since Q1 2026 (~3 months)

Governance & Upgradeability

42+35.2 potential

Team-controlled governance (early stage)

Operational Security

47+30.5 potential

No branch protection detected

Access Control

68+27.9 potential

Vault-based architecture with strategist controls

Adversarial Resilience

50+27.9 potential

Adversarial Risk Signals

Publicly verifiable security posture indicators.

Disclosure HistoryNot Assessed

Remediation VelocityNot Assessed

Bug Bounty ProgramNot Assessed

Audit CoverageNot Assessed

Incident HistoryNot Assessed

Deployed 2024-06-0110 dimensionsProvenance Ledger

methodology v2.1formula v1.1weights v1.1evidence sha256:sha256:7...

Score History & Verification

Score provenance tracking begins with the next reassessment.

Full provenance ledger

On-Chain Data

Protocol Slug: "concrete"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours

Read Score

registry.getScore("concrete")

Reduce exploitable risk

Continuous adversarial analysis, vulnerability detection, and verified reassessment.

View Plans Methodology

Embed this score

Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.

Public

Style

Theme

Format

Preview

Copy iframe code

<iframe
  src="https://blackhart.io/embed/oracle/concrete?variant=card&theme=dark"
  title="BlackHart Risk Index: Concrete Protocol"
  width="340"
  height="290"
  frameborder="0"
  loading="lazy"
  style="border:0; max-width:100%;"
></iframe>

Believe this score contains a factual error? Submit evidence for review