300 to 1000.
The scale follows credit-rating convention so institutional consumers can reason about it without retraining. Higher is safer.
| Range | Grade | Meaning |
|---|---|---|
| 950–1000 | A+ | Institutional-grade. Mature, low residual risk. |
| 900–949 | A | Strong. Well-guarded; upgrade discipline in place. |
| 850–899 | A− | Sound. Some exposure with active mitigations. |
| 800–849 | B+ | Acceptable for mainstream use. |
| 750–799 | B | Elevated exposure in one or more dimensions. |
| 700–749 | B− | Significant exposure; monitor closely. |
| 650–699 | C+ | High risk. Institutional capital should size down. |
| 550–649 | C | Very high risk; multiple concerning dimensions. |
| 450–549 | D | Do not use without active hedging. |
| 300–449 | F | Critical exposure present. |
Six areas, weighted by material impact.
Each area is evaluated independently against the deployed code, then combined into a single score. How we weight and measure each area is proprietary; what we evaluate is published here.
Access Control
How the protocol gates sensitive operations — who can do what, and how hard it is for an attacker to reach privileged functions.
Economic Integrity
Whether the accounting, fees, and value-flow primitives preserve the invariants the protocol depends on under adversarial inputs.
External Dependencies
Exposure to oracles, token integrations, and callback surfaces. The reliability of every external read and write the protocol makes.
Upgradeability & Governance
How changes are made to the deployed system — timelock delays, key concentration, and whether governance itself can be the attack path.
Composition Exposure
How the protocol interacts with others in the DeFi ecosystem. A protocol that composes heavily with others inherits their risk; a protocol that others compose with spreads its own.
Systemic Impact
The blast radius of a failure — how much of the protocol, and how much of its upstream and downstream ecosystem, is affected when a single function breaks.
Same code. Same score. Every time.
Every BRI score is tagged with the commit hash it was computed against. Reproducibility is a core commitment: changes in the score between updates are traceable to specific changes in the protocol’s deployed code.
A score going up or down is never noise. It is always signal.
Be wrong in public, fix in public.
When any ranked protocol is exploited, we publish a post-mortem showing what the score was at the time of exploit and whether the index should have seen it.
If the answer is “yes, and we didn’t” — we publish the adjustment we are shipping to fix it.
This is the only way to build trust in a score of this kind.
No pay-to-rate
Protocols cannot pay to influence their score. Any payment relationship between BlackHart and a scored protocol is disclosed alongside the score.
Public disputes
Protocols can submit factual corrections through a public issue tracker. BlackHart responds within 5 business days and posts the adjudication publicly.
Transparent changes
When the evaluation framework changes, we publish a redline notice before the change takes effect on public scores.