Why we exist.
Billions in user funds sit in smart contracts that change constantly. New deployments, governance actions, oracle migrations, and shifting integrations all move a protocol's risk profile. A review that happens once a year cannot keep up with code that ships every week.
A point-in-time audit captures one snapshot and then goes stale the moment the next commit lands. Users, treasuries, and insurers are left without a reliable, ongoing signal for how safe a protocol is today.
BlackHart addresses that gap. We run adversarial research against live protocols to find exploitable bugs before attackers do, and we ship the fix. We publish a risk index (the BRI) scored across 12 security dimensions, and work directly with protocol teams on what we find. Each finding is proven with a working exploit on a mainnet fork and delivered with remediation as a merge-ready pull request — your team reviews and merges it, and we never hold your deploy or merge keys.
Protocols ship continuously. The security work that protects them should too.
That work starts free for everyone: the hacks feed, a per-protocol BRI and Shield rating, and redacted previews of lower-severity findings. From there, teams that want to work with us directly move into Direct Engagement — a private, outcome-based relationship with a direct line to our researchers — and then Vanguard, where a dedicated researcher monitors the protocol continuously and delivers fixes as merge-ready pull requests.
One principle never changes: when we find a live Critical or funds-at-risk issue, we disclose it to the protocol immediately and for free, through its existing channels. Safety is never gated behind a paywall.
That same engine now rates the integrity of individual prediction markets. Using one Forge Scale and one composite formula, a market-integrity score from 300 to 1000 measures how exposed an average trader is to informed flow, ambiguous resolution, and venue risk across six dimensions. A low score flags where to look harder.
These numbers are drawn live from the BlackHart Oracle and grow with every protocol we score — together with the hack-intelligence feed, it's the risk-intelligence nervous system for DeFi. Every finding is fork-validated with a passing proof of concept: real exploits, real state, real value at risk.
Founded by veterans.
BlackHart was founded by military veterans who spent their careers defending critical systems. The team pairs hands-on exploit development with in-house detection tooling and a working knowledge of DeFi protocol architecture. We approach every engagement the way an attacker would, and we work it to completion.