Kamino Finance
DAMASCUSLending / Yield · Solana · $1B+ TVL · 10 contracts
Official site: kamino.finance ↗
785
3004756508251000
Confidence63%
Z-Factor0.72
Updated 2026-05-27Public scoreSecurity Profile
Access Control
72
72
Economic Soundness
72
72
Oracle Integrity
72
72
Compositional Risk
62
62
Governance
48
48
Maturity
60
60
Resilience
100
100
Supply Chain
75
75
Op Security
59
59
Cascade Exposure
100
100
Access Ctrl
72
72
Economic
72
72
Oracle
72
72
Compos.
62
62
Govern.
48
48
Maturity
60
60
Resilience
100
100
Supply Ch.
75
75
OpSec
59
59
Cascade
100
100
Min
48
Avg
72
Max
100
Audit History
OtterSec
2023-09
Offside Labs
2024-01
Bug Bounty Program
$1,500,000
Max payout on Immunefi
Assessment
Growing Solana lending protocol with moderate maturity. Multiply product adds leveraged composition risk. Oracle dependency on Solana ecosystem (D3=72) and governance centralization (D5=48) drag score. Clean security record helps.
Dimension Breakdown
MethodologyAccess Control
72Weight 18% · 68% confidence
+18Lending market creation permissioned by protocol
+18Asset listing controlled by Kamino team/governance
+18Liquidation is permissionless (good)
+18Admin authority for market parameters
Provenance
Economic Soundness
72Weight 13% · 68% confidence
+18Lending model with interest rate curves
+18Multiply (leveraged yield) adds economic complexity
+18kToken collateral creates recursive risk
+18Liquidation mechanics adapted for Solana's execution model
Provenance
Oracle Integrity
72Weight 13% · 70% confidence
+18Pyth and Switchboard oracle dependency
+18TWAP-based pricing for certain assets
+18Oracle staleness checks present
+18Solana oracle ecosystem less mature than Ethereum's Chainlink
Provenance
Battle-Tested Maturity
60Weight 12% · 65% confidence
+12Lending product live since early 2024 (~16 months)
+12Evolved from Hubble Protocol (vault strategy)
+12No protocol exploit to date
+12Growing TVL (~$2B) but relatively young lending protocol
Provenance
Governance & Upgradeability
48Weight 10% · 65% confidence
+16KMNO token governance is early stage
+16Protocol parameters largely team-controlled
-52No meaningful timelock on parameter changes
+16Governance structure still being decentralized
Provenance
Adversarial Resilienceredacted
100Weight 10% · 95% confidence
- Score derived from continuous adversarial security research
Provenance
Operational Security
59Weight 10% · 60% confidence
-41No branch protection detected
+12Active CI/CD (100% success rate)
+12Commit signing: 100% verified
+12Strong PR review culture (83% reviewed)
Provenance
Compositional Risk
62Weight 5% · 65% confidence
+21kTokens composed across Solana DeFi
+21Multiply product creates leveraged composition loops
+21JitoSOL, mSOL, etc. as collateral inherits LST risks
-38Cross-protocol liquidation cascades possible on Solana
Provenance
Cascade Exposure
100Weight 5% · 50% confidence
+33Member of 1 dependency cluster(s)
+33No cross-protocol cascade exposure detected
+33Source: cross_protocol_composition.json dependency analysis
Provenance
Supply Chain
75Weight 4% · 72% confidence
+19Rust/Anchor framework
+19Solana program library dependencies
+19Oracle client libraries (Pyth, Switchboard)
+19Math libraries for interest rate calculations
Provenance
Top Score Drivers
Dimensions with the greatest marginal impact on BRI.
Governance & Upgradeability
48+36.9 potential
No meaningful timelock on parameter changes
Battle-Tested Maturity
60+30.6 potential
Lending product live since early 2024 (~16 months)
Access Control
72+29.5 potential
Lending market creation permissioned by protocol
Operational Security
59+26.3 potential
No branch protection detected
Economic Soundness
72+21.2 potential
Lending model with interest rate curves
Adversarial Risk Signals
Publicly verifiable security posture indicators.
Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
methodology v2.1formula v1.1weights v1.1evidence sha256:sha256:8...
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "kamino"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
Read Score
registry.getScore("kamino")Reduce exploitable risk
Continuous adversarial analysis, vulnerability detection, and verified reassessment.
Embed this score
Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.
Style
Theme
Format
Preview
Copy iframe code
<iframe
src="https://blackhart.io/embed/oracle/kamino?variant=card&theme=dark"
title="BlackHart Risk Index: Kamino Finance"
width="340"
height="290"
frameborder="0"
loading="lazy"
style="border:0; max-width:100%;"
></iframe>