Origin Protocol
DAMASCUS
Yield / DeFi · Ethereum · $300M+ TVL · 15 contracts
Official site: originprotocol.com
799 (gauge scale: 300, 475, 650, 825, 1000)
Confidence: 65%
Z-Factor: 0.80
Updated 2026-05-27 · Public score
Security Profile
Access Control: 72
Economic Soundness: 65
Oracle Integrity: 72
Compositional Risk: 58
Governance: 55
Maturity: 75
Resilience: 90
Supply Chain: 76
Op Security: 69
Cascade Exposure: 100
Min: 55 · Avg: 73 · Max: 100
Audit History
Trail of Bits: 2021-05
OpenZeppelin: 2023-01
Bug Bounty Program
$1,000,000
Max payout on Immunefi
Assessment
Yield aggregator that learned from its 2020 exploit. High maturity (Z=0.945), but D2=65 reflects historical economic vulnerability. The multi-strategy approach creates a wide composition surface. Post-exploit security improvements are real, but the past exploit anchors risk perception.
Dimension Breakdown
Access Control
72 · Weight 18% · 70% confidence
+18 Vault-based architecture with strategist and governor roles
+18 OUSD/OETH minting through controlled deposit flow
+18 Strategy allocation controlled by strategist multisig
+18 Timelock on governance actions
Economic Soundness
65 · Weight 13% · 70% confidence
+16 Yield-bearing stablecoins (OUSD, OETH) via strategy allocation
+16 OUSD suffered $7M exploit in Nov 2020 (flash loan/reentrancy)
+16 Rebasing token model adds economic complexity
+16 Strategy diversification reduces single-point failure
Oracle Integrity
72 · Weight 13% · 70% confidence
+24 Chainlink oracles for asset pricing
+24 Vault share pricing depends on strategy valuation
+24 OUSD/OETH peg relies on accurate underlying pricing
-28 Historical exploit involved oracle-adjacent flash loan attack
Battle-Tested Maturity
75 · Weight 12% · 75% confidence
+15 OUSD live since 2020 (70+ months), OETH since 2023
+15 Experienced and survived $7M exploit (learned from it)
+15 Multiple redesigns and security improvements post-exploit
+15 Multiple audits (OpenZeppelin, Trail of Bits, Certora)
Governance & Upgradeability
55 · Weight 10% · 65% confidence
+14 OGN token governance exists
+14 Team retains significant operational control
+14 Strategist role has broad powers within guardrails
+14 Timelock provides some governance safety
Adversarial Resilience (redacted)
90 · Weight 10% · 95% confidence
- Score derived from continuous adversarial security research
Operational Security
69 · Weight 10% · 60% confidence
-31 No branch protection detected
+14 Active CI/CD (100% success rate)
+14 Commit signing: 100% verified
+14 Strong PR review culture (93% reviewed)
Compositional Risk
58 · Weight 5% · 68% confidence
+14 Strategies compose across multiple DeFi protocols (Aave, Compound, Convex, etc.)
+14 OUSD/OETH used as collateral in lending markets
+14 Strategy diversity means wide composition surface
+14 Rebasing token creates integration complexity for downstream
Cascade Exposure
100 · Weight 5% · 50% confidence
+33 Member of 2 dependency cluster(s)
+33 No cross-protocol cascade exposure detected
+33 Source: cross_protocol_composition.json dependency analysis
Supply Chain
76 · Weight 4% · 75% confidence
+19 OpenZeppelin dependencies
+19 Strategy contracts interact with many external protocols
+19 Standard Solidity stack
+19 Wide dependency surface from strategy diversity
Top Score Drivers
Dimensions with the greatest marginal impact on BRI.
Governance & Upgradeability
55 · +30.8 potential
OGN token governance exists
Access Control
72 · +30.4 potential
Vault-based architecture with strategist and governor roles
Economic Soundness
65 · +28.8 potential
Yield-bearing stablecoins (OUSD, OETH) via strategy allocation
Oracle Integrity
72 · +21.8 potential
Historical exploit involved oracle-adjacent flash loan attack
Operational Security
69 · +18.9 potential
No branch protection detected
Adversarial Risk Signals
Publicly verifiable security posture indicators.
Disclosure History: Not Assessed
Remediation Velocity: Not Assessed
Bug Bounty Program: Not Assessed
Audit Coverage: Not Assessed
Incident History: Not Assessed
methodology v2.1 · formula v1.1 · weights v1.1 · evidence sha256:sha256:2...
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug: "origin"
- Oracle: BRORegistry (Base)
- Evidence: IPFS (pinned)
- Staleness Threshold: 24 hours
Read Score
registry.getScore("origin")
Reduce exploitable risk
Continuous adversarial analysis, vulnerability detection, and verified reassessment.
Embed this score
Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.
<iframe
src="https://blackhart.io/embed/oracle/origin?variant=card&theme=dark"
title="BlackHart Risk Index: Origin Protocol"
width="340"
height="290"
frameborder="0"
loading="lazy"
style="border:0; max-width:100%;"
></iframe>