Scores/Pendle V2/Provenance/Supply Chain

Supply Chain

Compiler version CVEs, library dependencies, build reproducibility, and proxy pattern risk.

Weight 4%78% confidence

Strong

info

How This Score Is Built

Compiler version CVEs, library dependencies, build reproducibility, and proxy pattern risk.

+23Strong positive

+12Positive

+5Slight positive

−15Strong negative

−8Negative

−3Slight negative

Scoring Tree

BRI Formula

300 + 700 × ∏(Dᵢ/100)^wᵢ

746

Current BRI

D8Supply Chain

Weight 4%

(80/100)^0.04 = 0.9911

Contributing Factors

+27Standard OZ libraries for base contracts

+27Each SY adapter adds unique dependency risk

+2712 reentry edge types detected -- reentrancy surface exists but guarded

0Proxy patterns used for upgradeability (IMPLEMENTATION_SLOT, ADMIN_SLOT, BEACON_SLOT detected)

Evidence Sources

blackhart_analysisMay 4sha256:f2af20793fc0....View

blackhart_analysisMay 17sha256:c01cf2d1e0d9....View

Score Composition

Proxy patterns used for upgradeability (IMPLEMENTATION_SLOT, ADMIN_SLOT, BEACON_SLOT detected)

Neutralopen_in_newGitHub Supply ChainMay 4, 2026

+27

Standard OZ libraries for base contracts

Positiveopen_in_newGitHub Supply ChainMay 4, 2026

+27

Each SY adapter adds unique dependency risk

Positiveopen_in_newGitHub Supply ChainMay 4, 2026

+27

12 reentry edge types detected -- reentrancy surface exists but guarded

Positiveopen_in_newGitHub Supply ChainMay 4, 2026

Evidence Chain (2 files)

GitHub APIMay 17, 2026, 06:58 PM

open_in_newGitHub (/)

sha256:c01cf2d1e0d9...

BlackHart AnalysisMay 4, 2026, 10:00 PM

open_in_newSupply Chain — GitHub Supply Chain

sha256:f2af20793fc0...

Score History

No dimension-level score changes recorded yet.

Methodology: 2.1Formula: 1.1Weights: 1.1

How is Supply Chain scored?← Back to Provenance Ledger