DeFi Saver
DAMASCUSDeFi Automation · Ethereum + L2s · $500M+ managed TVL · 20 contracts
Public risk assessment — scores are produced with the same methodology as monitored protocols
Security Profile
78
80
78
58
52
85
50
80
82
100
78
80
78
58
52
85
50
80
82
100
Audit History
Bug Bounty Program
Assessment
Veteran DeFi management tool with excellent maturity and clean track record. Survived Black Thursday stress test. High compositional risk by design (D4=58) and centralized governance (D5=52) are structural limitations. Slightly above Instadapp due to simpler architecture.
Dimension Breakdown
How scores work →- Smart wallet with owner authority model
- Automation permissions granted by user explicitly
- Recipe/action-based architecture with permissioned actions
- Bot automation requires explicit user opt-in
- Fee-based model on automation actions (boost/repay)
- No protocol token creating economic distortions
- Passes through underlying protocol economics cleanly
- Automation trigger economics well-understood
- Uses Chainlink for automation trigger prices
- Inherits oracle deps from underlying protocols (Aave, Maker, etc.)
- Automation triggers have oracle-sensitive timing
- Price feed dependency for CDP ratio monitoring
- Live since 2019 (originally CDP Saver for MakerDAO)
- No protocol exploit across any version
- Battle-tested through multiple market crashes (2020, 2022)
- Automation worked correctly during Black Thursday
- Z-factor: 0.939
- No governance token (team-controlled)
- Centralized decision-making on feature additions
- No on-chain governance mechanism
- Transparent team but unilateral control
- Maximum resilience under independent adversarial testing
- Comprehensive security coverage across all attack surfaces
- Mature codebase with extensive battle testing
- No validated adversarial findings — score set to neutral baseline
- Proven operational stability since 2019
- Automation bots operated reliably through stress events
- Small, experienced team with consistent track record
- Active monitoring of automation execution
- Composes multiple DeFi protocols by design
- Recipe system creates cross-protocol transaction bundles
- Flash loan integration adds composition surface
- Automation bots create time-dependent composition risk
- Member of 1 dependency cluster(s)
- No cross-protocol cascade exposure detected
- Score: 100/100 (higher = more isolated from systemic risk)
- Source: cross_protocol_composition.json dependency analysis
- Standard Solidity dependencies
- OpenZeppelin libraries
- Integration dependencies on target protocols
- Automation infrastructure is off-chain component
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "defisaver"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
registry.getScore("defisaver")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.