Scores/Renzo Protocol

Renzo Protocol

TEMPERED

Liquid Restaking · Ethereum · $1B+ TVL · 10 contracts

Official site: renzoprotocol.com ↗

724

3004756508251000

Confidence65%

Z-Factor0.60

Updated 2026-05-27Public score

Security Profile

Access Control
70

Economic Soundness
68

Oracle Integrity
72

Compositional Risk
50

Governance
42

Maturity
62

Resilience
50

Supply Chain
78

Op Security
45

Cascade Exposure
89

Access Ctrl
70

Economic
68

Oracle
72

Compos.
50

Govern.
42

Maturity
62

Resilience
50

Supply Ch.
78

OpSec
45

Cascade
89

Min

Avg

Max

Audit History

Halborn

2024-01

Code4rena

2024-05

Bug Bounty Program

$500,000

Max payout on Immunefi

View Program

Assessment

Liquid restaking with proven depeg risk. Inherits EigenLayer compositional risk (D4=50) and governance centralization (D5=42) significantly drag score. No BlackHart findings but economic design issues are documented.

Dimension Breakdown

Methodology

Access Control

Weight 18% · 68% confidence

+18Operator selection controlled by Renzo team

+18Deposit/withdrawal gated by protocol state

+18ezETH minting access open but redemption has been restricted

+18Admin keys control operator delegation and strategy

Provenance

Economic Soundness

Weight 13% · 65% confidence

+17ezETH depeg events occurred (May 2024, ~18% depeg)

+17Restaking yield model depends on AVS reward sustainability

+17Withdrawal queue design caused liquidity crises

+17Points-based incentive model creates speculative pressure

Provenance

Oracle Integrity

Weight 13% · 70% confidence

+18ezETH/ETH rate determined internally by protocol

+18External oracle feeds for cross-chain bridging

+18Rate oracle manipulation surface during depegs

+18Chainlink feed added post-depeg for external validation

Provenance

Battle-Tested Maturity

Weight 12% · 70% confidence

+12Mainnet since January 2024 (~28 months)

+12Experienced significant depeg event (May 2024)

+12Protocol redesign after depeg (withdrawal improvements)

+12TVL ~$3B, moderate battle testing

Provenance

Governance & Upgradeability

Weight 10% · 75% confidence

-19REZ token governance but largely centralized operation

+42Team multisig controls critical parameters

-19No meaningful timelock on operator changes

-19Withdrawal restrictions imposed unilaterally during stress

Provenance

Adversarial Resilienceredacted

Weight 10% · 30% confidence

Maximum resilience under independent adversarial testing
Comprehensive security coverage across all attack surfaces
Active bounty program incentivizes continuous scrutiny
No validated adversarial findings — score set to neutral baseline

Provenance

Operational Security

Weight 10% · 50% confidence

-55No branch protection detected

+9No CI/CD pipeline detected

+9Strong PR review culture (80% reviewed)

+9Minimal development activity (0 commits/month)

Provenance

Compositional Risk

Weight 5% · 72% confidence

+10Inherits ALL EigenLayer compositional risk

+10ezETH composed across lending protocols (Morpho, Aave)

+10Cross-chain bridging adds bridge risk layer

+10AVS slashing cascades through to ezETH holders

Provenance

Cascade Exposure

Weight 5% · 60% confidence

+30Appears in 2 cross-protocol cascade chain(s)

+30Member of 4 dependency cluster(s)

+30Source: cross_protocol_composition.json dependency analysis

Provenance

Supply Chain

Weight 4% · 80% confidence

+26OpenZeppelin upgradeable contracts

+26Standard dependency stack

+26Cross-chain message passing adds bridge dependencies

Provenance

Top Score Drivers

Dimensions with the greatest marginal impact on BRI.

Governance & Upgradeability

42+38.4 potential

Team multisig controls critical parameters

Operational Security

45+35.3 potential

No branch protection detected

Adversarial Resilience

50+30.5 potential

Access Control

70+28.1 potential

Operator selection controlled by Renzo team

Battle-Tested Maturity

62+25 potential

Mainnet since January 2024 (~28 months)

Adversarial Risk Signals

Publicly verifiable security posture indicators.

Disclosure HistoryNot Assessed

Remediation VelocityNot Assessed

Bug Bounty ProgramNot Assessed

Audit CoverageNot Assessed

Incident HistoryNot Assessed

Deployed 2024-01-1510 dimensionsProvenance Ledger

methodology v2.1formula v1.1weights v1.1evidence sha256:sha256:8...

Score History & Verification

Score provenance tracking begins with the next reassessment.

Full provenance ledger

On-Chain Data

Protocol Slug: "renzo"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours

Read Score

registry.getScore("renzo")

Reduce exploitable risk

Continuous adversarial analysis, vulnerability detection, and verified reassessment.

View Plans Methodology

Embed this score

Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.

Public

Style

Theme

Format

Preview

Copy iframe code

<iframe
  src="https://blackhart.io/embed/oracle/renzo?variant=card&theme=dark"
  title="BlackHart Risk Index: Renzo Protocol"
  width="340"
  height="290"
  frameborder="0"
  loading="lazy"
  style="border:0; max-width:100%;"
></iframe>

Believe this score contains a factual error? Submit evidence for review