Venus Protocol
DAMASCUSLending / Borrowing · BSC · $1.5B+ TVL · 20 contracts
Official site: venus.io ↗
781
3004756508251000
Confidence58%
Z-Factor0.86
Updated 2026-05-27Public scoreSecurity Profile
Access Control
68
68
Economic Soundness
65
65
Oracle Integrity
72
72
Compositional Risk
68
68
Governance
62
62
Maturity
80
80
Resilience
55
55
Supply Chain
75
75
Op Security
66
66
Cascade Exposure
100
100
Access Ctrl
68
68
Economic
65
65
Oracle
72
72
Compos.
68
68
Govern.
62
62
Maturity
80
80
Resilience
55
55
Supply Ch.
75
75
OpSec
66
66
Cascade
100
100
Min
55
Avg
71
Max
100
Audit History
Certik
2021-04
Peckshield
2023-03
OpenZeppelin
2024-01
Bug Bounty Program
$250,000
Max payout on Immunefi
Assessment
Largest BSC lending protocol, 67+ months live. Compound V2 fork with significant modifications. Historical bad debt and oracle manipulation incidents reduce resilience score. Governance and oracle framework improvements address past issues.
Dimension Breakdown
MethodologyAccess Control
68Weight 18% · 70% confidence
+17Comptroller admin controls
+17Guardian for emergency
+17Timelocked governance
+17BSC-native access patterns
Provenance
Economic Soundness
65Weight 13% · 68% confidence
+22Compound V2 fork economics
-35VAI stablecoin adds risk
+22Liquidation mechanism standard
+22Historical bad debt events
Provenance
Oracle Integrity
72Weight 13% · 70% confidence
+18Chainlink + Band oracle
+18Resilient oracle framework
+18Price validation
+18Multi-oracle approach
Provenance
Battle-Tested Maturity
80Weight 12% · 80% confidence
+20Live since October 2020 (67+ months)
+20Largest BSC lending protocol
+20Survived multiple incidents
+20Multiple version upgrades
Provenance
Governance & Upgradeability
62Weight 10% · 65% confidence
+16XVS governance token
+16Community governance active
+16Binance ecosystem alignment
+16Governance improvements over time
Provenance
Adversarial Resilienceredacted
55Weight 10% · 65% confidence
- Multiple bad debt incidents historically
- Oracle manipulation exploit in 2023
- Active bounty program
- Incident response improving
Provenance
Operational Security
66Weight 10% · 60% confidence
-34No branch protection detected
+13Active CI/CD (80% success rate)
+13Commit signing: 54% verified
+13Strong PR review culture (87% reviewed)
Provenance
Compositional Risk
68Weight 5% · 68% confidence
+17BSC ecosystem integration
+17VAI stablecoin dependencies
+17Limited cross-chain
+17LP token collateral
Provenance
Cascade Exposure
100Weight 5% · 55% confidence
+33Appears in 1 cross-protocol cascade chain(s)
+33Member of 2 dependency cluster(s)
+33Source: cross_protocol_composition.json dependency analysis
Provenance
Supply Chain
75Weight 4% · 75% confidence
+19Compound V2 fork
+19Standard Solidity
+19Verified on BscScan
+19Standard dependencies
Provenance
Top Score Drivers
Dimensions with the greatest marginal impact on BRI.
Access Control
68+34.6 potential
Comptroller admin controls
Adversarial Resilience
55+29.6 potential
Economic Soundness
65+27.7 potential
VAI stablecoin adds risk
Governance & Upgradeability
62+23.6 potential
XVS governance token
Oracle Integrity
72+21 potential
Chainlink + Band oracle
Adversarial Risk Signals
Publicly verifiable security posture indicators.
Disclosure HistoryNot Assessed
Remediation VelocityNot Assessed
Bug Bounty ProgramNot Assessed
Audit CoverageNot Assessed
Incident HistoryNot Assessed
methodology v2.1formula v1.0weights v1.0evidence sha256:sha256:d...
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "venus"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
Read Score
registry.getScore("venus")Reduce exploitable risk
Continuous adversarial analysis, vulnerability detection, and verified reassessment.
Embed this score
Live, updates automatically. Free for any site. Click-through links open the full report on BlackHart.
Style
Theme
Format
Preview
Copy iframe code
<iframe
src="https://blackhart.io/embed/oracle/venus?variant=card&theme=dark"
title="BlackHart Risk Index: Venus Protocol"
width="340"
height="290"
frameborder="0"
loading="lazy"
style="border:0; max-width:100%;"
></iframe>