D11
Operational Security
Incident response speed, deployment hygiene, key management, monitoring infrastructure, and emergency history.
Weight 10%60% confidence
63
Moderate
info
How This Score Is Built
Incident response speed, deployment hygiene, key management, monitoring infrastructure, and emergency history.
+23Strong positive
+12Positive
+5Slight positive
−15Strong negative
−8Negative
−3Slight negative
Scoring Tree
BRI Formula
300 + 700 × ∏(Dᵢ/100)^wᵢ
796
Current BRI
D11Operational Security
Weight 10%
63
(63/100)^0.1 = 0.9548
Sub-Scores
Development Practices
34
Incident Response
65
Deployment Hygiene
69
Key Management
70
Monitoring
85
Emergency History
75
Contributing Factors
+16Commit signing: 52% verified
+16SECURITY.md present (detailed)
+16Moderate development (17 commits/month)
+16Multiple monitoring repos found: keeper-bots-v2, keepyrs, keep-rs
-18No branch protection detected
-18CI/CD present but unstable (20% success)
0Incident response time not available (using commit frequency proxy)
0Key management score defaulted (no on-chain data available)
Sub-Score Breakdown
Development Practices
34
Incident Response
65
Deployment Hygiene
69
Key Management
70
Monitoring
85
Emergency History
75
Score Composition
-18
No branch protection detected
-18
CI/CD present but unstable (20% success)
0
Incident response time not available (using commit frequency proxy)
0
Key management score defaulted (no on-chain data available)
+16
Commit signing: 52% verified
+16
SECURITY.md present (detailed)
+16
Moderate development (17 commits/month)
+16
Multiple monitoring repos found: keeper-bots-v2, keepyrs, keep-rs
Evidence Chain (5 files)
hack_forensicsMay 23, 2026, 12:00 AM
open_in_newPrecedent: StablR exploit (analogous)exploit type: key_compromise
loss usd: 11020000
relation: analogous
match: Multisig signer compromised via blind-signing social engineering on a 2/5 Safe (April 2026, $285M). Same root cause: weak operational security on privileged aut
hack_forensicsMay 22, 2026, 12:00 AM
open_in_newPrecedent: Polymarket exploit (analogous)exploit type: key_compromise
loss usd: 700000
relation: analogous
match: Operational private-key compromise enabling unilateral drain. Drift was via long-form social engineering + durable-nonce blind signing on a 2/5 multisig; Polyma
GitHub APIMay 20, 2026, 04:43 AM
open_in_newExternal: repos/drift-labs/protocol-v2/*sha256:723e5e58f9c326088270282...
GitHub APIMay 20, 2026, 04:43 AM
open_in_newGitHub (drift-labs/protocol-v2)branch protection: No
required reviews: 0
ci success rate: 20%
has ci: Yes
signing ratio: 52%
commits 90d: 50
pr review ratio: 40%
dependabot: No
security policy: Yes
sha256:723e5e58f9c3...
hack_forensicsApr 1, 2026, 12:00 AM
open_in_newForensics: Drift exploit ($285,000,000)exploit type: key_compromise
loss usd: 285000000
relation: direct
Score History
63(+63)
No branch protection detectedMethodology: 2.1Formula: 1.1Weights: 1.1