Scores/dYdX

dYdX

DAMASCUS

Perps DEX · dYdX Chain (Cosmos) · $500M+ TVL · 10 contracts

Official site: dydx.exchange ↗

807

3004756508251000

Confidence82%

Z-Factor0.82

Updated 2026-05-27Public score

Security Profile

Access Control
76

Economic Soundness
82

Oracle Integrity
75

Compositional Risk
78

Governance
72

Maturity
85

Resilience
46

Supply Chain
82

Op Security
56

Cascade Exposure
95

Access Ctrl
76

Economic
82

Oracle
75

Compos.
78

Govern.
72

Maturity
85

Resilience
46

Supply Ch.
82

OpSec
56

Cascade
95

Min

Avg

Max

Audit History

Trail of Bits

2021-02

Peckshield

2023-08

Informal Systems

2023-10

Bug Bounty Program

$1,000,000

Max payout on Cantina

View Program

Assessment

Downgraded from MITHRIL (859) after 26 adversarial findings including 8 Criticals. Chain halt vectors (OOM, Price=0, negative fee panic) demonstrate systemic fragility in consensus-layer validation. ClobPairIdFilter bypass is a direct access control failure enabling fund theft. D7 calibrated against euler_v2 (81 findings, D7=41), reserve (100 findings, D7=40), lido (38 findings, D7=44) using v1.1 severity-weighted formula.

Dimension Breakdown

Methodology

Access Control

Weight 18% · 88% confidence

+15Cosmos-based chain with validator set

+15Smart contract bridge to Ethereum

+15Governance controls protocol parameters

+15Operator permissions for market creation

Provenance

Economic Soundness

Weight 13% · 80% confidence

+20Orderbook model proven at scale

+20Insurance fund for socialized losses

+20Liquidation engine well-tested

+20Fee structure transparent

Provenance

Oracle Integrity

Weight 13% · 72% confidence

+25Custom oracle system for perpetual pricing

+25Multiple data sources aggregated

+25Oracle committee for price submission

-25Centralized oracle trust assumption

Provenance

Battle-Tested Maturity

Weight 12% · 85% confidence

+21V3 live since April 2021, V4 since October 2023

+21Largest perpetual DEX by volume

+21Survived multiple market events

+21Chain migration demonstrates operational capability

Provenance

Governance & Upgradeability

Weight 10% · 72% confidence

+18DYDX token governance via Cosmos chain

+18Foundation controls significant parameters

+18Governance participation growing

+18Migration from Ethereum added complexity

Provenance

Adversarial Resilienceredacted

Weight 10% · 95% confidence

3 low-severity and 1 informational finding
Critical vectors: chain halt (OOM via MinNumVotesPerSample, Price=0 market creation, negative fee panic), ClobPairIdFilter bypass (full account drain)
Source: BlackHart adversarial sprint May 2026

Provenance

Operational Security

Weight 10% · 60% confidence

-22No branch protection detected

-22CI/CD present but unstable (40% success)

+14Commit signing: 100% verified

+14Strong PR review culture (97% reviewed)

Provenance

Compositional Risk

Weight 5% · 75% confidence

+20Standalone chain reduces external composition

+20Bridge to Ethereum adds cross-chain risk

+20Limited DeFi composability by design

+20Validator set dependency

Provenance

Cascade Exposure

Weight 5% · 50% confidence

+48No cross-protocol cascade exposure detected

+48Source: cross_protocol_composition.json dependency analysis

Provenance

Supply Chain

Weight 4% · 80% confidence

+20Cosmos SDK based

+20Standard Go/Solidity stack

+20Verified Ethereum contracts

+20Custom trading engine

Provenance

Top Score Drivers

Dimensions with the greatest marginal impact on BRI.

Adversarial Resilience

46+40.9 potential

Operational Security

56+30.2 potential

No branch protection detected

Access Control

76+25.6 potential

Cosmos-based chain with validator set

Oracle Integrity

75+19.3 potential

Custom oracle system for perpetual pricing

Governance & Upgradeability

72+16.9 potential

DYDX token governance via Cosmos chain

Adversarial Risk Signals

Publicly verifiable security posture indicators.

Disclosure HistoryNot Assessed

Remediation VelocityNot Assessed

Bug Bounty ProgramNot Assessed

Audit CoverageNot Assessed

Incident HistoryNot Assessed

Deployed 2021-04-0110 dimensionsProvenance Ledger

methodology v2.1formula v1.1weights v1.1evidence sha256:sha256:2...

Score History & Verification

Score provenance tracking begins with the next reassessment.

Full provenance ledger

On-Chain Data

Protocol Slug: "dydx"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours

Read Score

registry.getScore("dydx")

Reduce exploitable risk

Continuous adversarial analysis, vulnerability detection, and verified reassessment.

View Plans Methodology

Embed this score

Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.

Public

Style

Theme

Format

Preview

Copy iframe code

<iframe
  src="https://blackhart.io/embed/oracle/dydx?variant=card&theme=dark"
  title="BlackHart Risk Index: dYdX"
  width="340"
  height="290"
  frameborder="0"
  loading="lazy"
  style="border:0; max-width:100%;"
></iframe>

Believe this score contains a factual error? Submit evidence for review