Scores/Wormhole/Provenance/Access Control

Access Control

Permission models, admin surface, reentrancy protection, and authorization boundaries. #1 exploit vector by dollar loss in DeFi history.

Weight 18%72% confidence

Good

info

How This Score Is Built

Permission models, admin surface, reentrancy protection, and authorization boundaries. #1 exploit vector by dollar loss in DeFi history.

+23Strong positive

+12Positive

+5Slight positive

−15Strong negative

−8Negative

−3Slight negative

Scoring Tree

BRI Formula

300 + 700 × ∏(Dᵢ/100)^wᵢ

791

Current BRI

D1Access Control

Weight 16%

(75/100)^0.16 = 0.9550

Contributing Factors

+2519-guardian validator set (improved from 13 post-exploit)

+25Rate limiting and governor contracts added post-exploit

+25Threshold signature scheme requires 13/19 consensus

-25Guardian key management remains centralized risk

Evidence Sources

blackhart_analysisMay 4sha256:27d664cb03c5....View

blackhart_analysisMay 17sha256:6d8e421de512....View

Score Composition

-25

Guardian key management remains centralized risk

Strong negativeopen_in_newSource CodeMay 4, 2026

+25

19-guardian validator set (improved from 13 post-exploit)

Strong positiveopen_in_newSource CodeMay 4, 2026

+25

Rate limiting and governor contracts added post-exploit

Strong positiveopen_in_newSource CodeMay 4, 2026

+25

Threshold signature scheme requires 13/19 consensus

Strong positiveopen_in_newSource CodeMay 4, 2026

Evidence Chain (2 files)

GitHub APIMay 17, 2026, 06:58 PM

open_in_newGitHub (/)

sha256:6d8e421de512...

BlackHart AnalysisMay 4, 2026, 06:00 PM

open_in_newAccess Control — Source Code

sha256:27d664cb03c5...

Score History

No dimension-level score changes recorded yet.

Methodology: 2.1Formula: 1.1Weights: 1.1

How is Access Control scored?← Back to Provenance Ledger