D1
Access Control
Permission models, admin surface, reentrancy protection, and authorization boundaries. #1 exploit vector by dollar loss in DeFi history.
Weight 18%92% confidence
92
Excellent
info
How This Score Is Built
Permission models, admin surface, reentrancy protection, and authorization boundaries. #1 exploit vector by dollar loss in DeFi history.
+23Strong positive
+12Positive
+5Slight positive
−15Strong negative
−8Negative
−3Slight negative
Scoring Tree
BRI Formula
300 + 700 × ∏(Dᵢ/100)^wᵢ
856
Current BRI
D1Access Control
Weight 18%
92
(92/100)^0.18 = 0.9851
Contributing Factors
+18Minimal admin surface (fee setting only, capped)
+18Transient storage lock eliminates reentrancy class
+18Flash accounting enforces within-tx balance invariants
+1858 access control checks across 246 total checks (23.6% check density)
+18All core PoolManager functions are view/pure (6 functions)
Evidence Sources
protocol_metadataJun 1
protocol_metadataJul 1
protocol_metadataAug 1
protocol_metadataOct 1
Score Composition
+18
Minimal admin surface (fee setting only, capped)
+18
Transient storage lock eliminates reentrancy class
+18
Flash accounting enforces within-tx balance invariants
+18
58 access control checks across 246 total checks (23.6% check density)
+18
All core PoolManager functions are view/pure (6 functions)
Evidence Chain (6 files)
GitHub APIMay 17, 2026, 06:58 PM
open_in_newGitHub (/)sha256:36d1d3a4f199...
Audit ReportOct 1, 2024, 12:00 AM
Audit ReportSep 1, 2024, 12:00 AM
open_in_newOpenZeppelin (2024-09)Audit ReportAug 1, 2024, 12:00 AM
Audit ReportJul 1, 2024, 12:00 AM
Audit ReportJun 1, 2024, 12:00 AM
Score History
No dimension-level score changes recorded yet.
Methodology: 2.1Formula: 1.1Weights: 1.1