Scores/superform/Provenance/Supply Chain

Supply Chain

Compiler version CVEs, library dependencies, build reproducibility, and proxy pattern risk.

Weight 4%70% confidence

Moderate

info

How This Score Is Built

Compiler version CVEs, library dependencies, build reproducibility, and proxy pattern risk.

+23Strong positive

+12Positive

+5Slight positive

−15Strong negative

−8Negative

−3Slight negative

Scoring Tree

BRI Formula

300 + 700 × ∏(Dᵢ/100)^wᵢ

617

Current BRI

D8Supply Chain

Weight 4%

(60/100)^0.04 = 0.9798

Contributing Factors

+15Standard dependencies: OpenZeppelin, forge-std, solady

+15No exotic or unaudited supply chain dependencies

+15Substrate/Solidity mixed stack but standard patterns

+15Moderate dependency complexity from multi-protocol integrations

Evidence Sources

blackhart_analysisMay 13sha256:ea489f7d4b1f....View

blackhart_analysisMay 17sha256:3825ed99904c....View

Score Composition

+15

Standard dependencies: OpenZeppelin, forge-std, solady

Positiveopen_in_newGitHub Supply ChainMay 13, 2026

+15

No exotic or unaudited supply chain dependencies

Positiveopen_in_newGitHub Supply ChainMay 13, 2026

+15

Substrate/Solidity mixed stack but standard patterns

Positiveopen_in_newGitHub Supply ChainMay 13, 2026

+15

Moderate dependency complexity from multi-protocol integrations

Positiveopen_in_newGitHub Supply ChainMay 13, 2026

Evidence Chain (2 files)

GitHub APIMay 17, 2026, 06:58 PM

open_in_newGitHub (/)

sha256:3825ed99904c...

BlackHart AnalysisMay 13, 2026, 11:45 PM

open_in_newSupply Chain — GitHub Supply Chain

sha256:ea489f7d4b1f...

Score History

No dimension-level score changes recorded yet.

Methodology: 2.1Formula: 1.1Weights: 1.1

How is Supply Chain scored?← Back to Provenance Ledger