Symbiotic
DAMASCUSRestaking · Ethereum · $1B+ TVL · 15 contracts
Public risk assessment — scores are produced with the same methodology as monitored protocols
Security Profile
72
68
82
62
50
52
87
80
70
89
72
68
82
62
50
52
87
80
70
89
Audit History
Bug Bounty Program
Assessment
Young restaking protocol with extreme centralization (D5=50), low maturity (D6=52), and high compositional risk (D4=62). Economic model untested (D2=68). Similar risk profile to early EigenLayer but even younger.
Dimension Breakdown
How scores work →- Modular vault-operator-network permission model
- Complex slasher/resolver role system
- Vault deployment is permissionless
- Emergency mechanisms still centralized
- Restaking economics untested under stress
- Slashing conditions defined per network (variable risk)
- Correlated slashing risk across networks sharing operators
- No proven track record of slashing mechanism functioning correctly
- Minimal oracle dependency in core protocol
- Network-level oracle deps scoped per-service
- ETH-native staking accounting (no external price feeds)
- Slashing oracle trust assumptions per network
- Live since June 2024 (<1 year)
- Novel restaking design with limited operational history
- Experienced founders but new organization
- Audited by Statemind, Sigma Prime
- Z-factor: 0.654
- Highly centralized early-stage governance
- Team multisig with no visible timelock
- No token governance yet
- Paradigm/Lido founders provide credibility but not decentralization
- Score derived from continuous adversarial security research
- Young operational history
- Monitoring infrastructure maturing
- Bug bounty active on Immunefi
- Incident response completely untested
- Extreme compositional surface: any network can compose
- Shared security model means correlated risk across networks
- Vault-operator-network triad creates complex interaction surface
- Bad network slashing can cascade to delegators
- Appears in 2 cross-protocol cascade chain(s)
- Member of 2 dependency cluster(s)
- Score: 89/100 (higher = more isolated from systemic risk)
- Source: cross_protocol_composition.json dependency analysis
- Modular design with clean dependency graph
- Standard OpenZeppelin libraries
- Vault factory patterns for deployment
- Modern Solidity versions
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "symbiotic"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
registry.getScore("symbiotic")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.