BlackHartBlackHart
Scores/Orca

Orca

DAMASCUS

DEX / AMM · Solana · $500M+ TVL · 5 contracts

Official site: orca.so

800
3004756508251000
Confidence69%
Z-Factor0.82
Updated 2026-05-27Public score

Security Profile

Access Ctrl
78
Economic
80
Oracle
85
Compos.
72
Govern.
52
Maturity
80
Resilience
50
Supply Ch.
78
OpSec
60
Cascade
95
Min
50
Avg
73
Max
95

Audit History

Kudelski Security
2022-03
Neodyme
2023-02

Bug Bounty Program

$500,000
Max payout on Immunefi
View Program

Assessment

Dominant Solana CLMM DEX. Proven AMM model adapted to Solana runtime. Clean security record. Governance centralization (D5=52) is the main weakness. Good maturity for Solana ecosystem.

Dimension Breakdown

Methodology
Access Control
Weight 18% · 72% confidence
78
+20Permissionless pool creation (Whirlpools)
+20Fee tier and tick spacing parameters controlled by protocol
+20Admin authority for protocol fee collection
+20Position management is user-controlled (NFT-based)
Provenance
Economic Soundness
Weight 13% · 78% confidence
80
+20Concentrated liquidity model (Uniswap V3-inspired)
+20Well-understood AMM economics, adapted for Solana
+20Fee tiers provide economic flexibility
+20No inflationary token incentive distortions in AMM core
Provenance
Oracle Integrity
Weight 13% · 82% confidence
85
+21AMM prices derived from pool state (TWAP available)
+21No external oracle dependency in core DEX
+21Manipulation resistance from concentrated liquidity depth
+21Price observations stored on-chain
Provenance
Battle-Tested Maturity
Weight 12% · 78% confidence
80
+16Original Orca DEX since 2021, Whirlpools since mid-2022
+16No protocol exploit on Whirlpools
+16Dominant Solana DEX for concentrated liquidity
+16Multiple audits (Kudelski, Neodyme)
Provenance
Governance & Upgradeability
Weight 10% · 65% confidence
52
+17ORCA token exists but governance is limited
+17Protocol decisions largely made by Orca team
+17No visible on-chain governance mechanism
-48Centralized fee parameter control
Provenance
Adversarial Resilienceredacted
Weight 10% · 30% confidence
50
  • No validated adversarial findings — score set to neutral baseline
Provenance
Operational Security
Weight 10% · 60% confidence
60
-40No branch protection detected
+12Active CI/CD (80% success rate)
+12Commit signing: 76% verified
+12Dependabot enabled
Provenance
Compositional Risk
Weight 5% · 70% confidence
72
+18Widely composed in Solana DeFi (Jupiter aggregation)
+18Single-chain limits cross-chain risk
+18LP positions used as collateral in lending protocols
+18Whirlpool composability is well-bounded
Provenance
Cascade Exposure
Weight 5% · 50% confidence
95
+48No cross-protocol cascade exposure detected
+48Source: cross_protocol_composition.json dependency analysis
Provenance
Supply Chain
Weight 4% · 75% confidence
78
+20Rust/Anchor framework
+20SPL token standards
+20Limited external dependencies in core AMM
+20Math libraries are protocol-internal
Provenance

Top Score Drivers

Dimensions with the greatest marginal impact on BRI.

Adversarial Resilience
50+35.9 potential
Governance & Upgradeability
52+33.8 potential
Centralized fee parameter control
Operational Security
60+26.2 potential
No branch protection detected
Access Control
78+22.9 potential
Permissionless pool creation (Whirlpools)
Economic Soundness
80+14.7 potential
Concentrated liquidity model (Uniswap V3-inspired)

Adversarial Risk Signals

Publicly verifiable security posture indicators.

Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
Deployed 2021-02-0110 dimensionsProvenance Ledger
methodology v2.1formula v1.1weights v1.1evidence sha256:sha256:f...

Score History & Verification

Score provenance tracking begins with the next reassessment.

Full provenance ledger

On-Chain Data

Protocol Slug
"orca"
Oracle
BRORegistry (Base)
Evidence
IPFS (pinned)
Staleness Threshold
24 hours
Read Score
registry.getScore("orca")
Reduce exploitable risk

Continuous adversarial analysis, vulnerability detection, and verified reassessment.

View PlansMethodology

Embed this score

Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.

Public
Style
Theme
Format
Preview
Copy iframe code
<iframe
  src="https://blackhart.io/embed/oracle/orca?variant=card&theme=dark"
  title="BlackHart Risk Index: Orca"
  width="340"
  height="290"
  frameborder="0"
  loading="lazy"
  style="border:0; max-width:100%;"
></iframe>
Believe this score contains a factual error? Submit evidence for review