Scores/dYdX

dYdX

DAMASCUS

Perps DEX · dYdX Chain (Cosmos) · $500M+ TVL · 10 contracts

Confidence 82%Z-Factor 0.82Updated 2026-05-13Public Score

Public risk assessment — scores are produced with the same methodology as monitored protocols

817

BRI Score

3004756508251000

Security Profile

Access Control
76

Economic Soundness
82

Oracle Integrity
75

Compositional Risk
78

Governance
72

Maturity
85

Resilience
46

Supply Chain
82

Op Security
78

Access Ctrl
76

Economic
82

Oracle
75

Compos.
78

Govern.
72

Maturity
85

Resilience
46

Supply Ch.
82

OpSec
78

Min

Avg

Max

Audit History

Trail of Bits

2021-02

Peckshield

2023-08

Informal Systems

2023-10

Bug Bounty Program

$500,000

Max payout on Immunefi

View Program →

Assessment

Downgraded from MITHRIL (859) after 26 adversarial findings including 8 Criticals. Chain halt vectors (OOM, Price=0, negative fee panic) demonstrate systemic fragility in consensus-layer validation. ClobPairIdFilter bypass is a direct access control failure enabling fund theft. D7 calibrated against euler_v2 (81 findings, D7=41), reserve (100 findings, D7=40), lido (38 findings, D7=44) using v1.1 severity-weighted formula.

Dimension Breakdown

How scores work →

Access Control

Weight 19%88% conf

Good

Cosmos-based chain with validator set
Smart contract bridge to Ethereum
Governance controls protocol parameters
Operator permissions for market creation
ClobPairIdFilter bypass: authenticator ACL on trading sub-keys can be circumvented, enabling full account drain from restricted keys

Economic Soundness

Weight 14%80% conf

Strong

Orderbook model proven at scale
Insurance fund for socialized losses
Liquidation engine well-tested
Fee structure transparent

Oracle Integrity

Weight 14%72% conf

Good

Custom oracle system for perpetual pricing
Multiple data sources aggregated
Oracle committee for price submission
Centralized oracle trust assumption

Battle-Tested Maturity

Weight 13%85% conf

Strong

V3 live since April 2021, V4 since October 2023
Largest perpetual DEX by volume
Survived multiple market events
Chain migration demonstrates operational capability

Governance & Upgradeability

Weight 11%72% conf

Good

DYDX token governance via Cosmos chain
Foundation controls significant parameters
Governance participation growing
Migration from Ethereum added complexity

Adversarial Resilience

Weight 11%95% conf

Concerning

3 low-severity and 1 informational finding
Critical vectors: chain halt (OOM via MinNumVotesPerSample, Price=0 market creation, negative fee panic), ClobPairIdFilter bypass (full account drain)
Source: BlackHart adversarial sprint May 2026

Operational Security

Weight 11%75% conf

Good

Professional trading infrastructure
24/7 monitoring
Validator coordination
Incident response demonstrated

Compositional Risk

Weight 5%75% conf

Good

Standalone chain reduces external composition
Bridge to Ethereum adds cross-chain risk
Limited DeFi composability by design
Validator set dependency

Supply Chain

Weight 4%80% conf

Strong

Cosmos SDK based
Standard Go/Solidity stack
Verified Ethereum contracts
Custom trading engine

Additional Dimensions

Cascade Exposure

Weight conditional0% conf

-1

Critical

Not assessed — excluded from BRI computation

Risk Drivers

Primary risk factors driving this score, ordered by severity.

Adversarial Resilience46

Governance & Upgradeability72

Oracle Integrity75

Adversarial Risk Signals

Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.

Disclosure HistoryNot Assessed

Remediation VelocityNot Assessed

Bug Bounty ProgramNot Assessed

Audit CoverageNot Assessed

Incident HistoryNot Assessed

Deployed 2021-04-01Z-Factor 0.8209 active dimensions

Score History & Verification

Score provenance tracking begins with the next reassessment.

On-Chain Data

Protocol Slug: "dydx"
Oracle: BRORegistry (Base)
Evidence: IPFS (pinned)
Staleness Threshold: 24 hours

Read Score

registry.getScore("dydx")

Reduce exploitable risk

BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.

View Monitoring Plans How Scores Work

Believe this score contains a factual error? Submit evidence for review →