Integration Guide
Read DeFi risk scores on-chain or via REST API. Scores update every 6 hours from continuous adversarial research. The public tier is free — no API key, no rate limits, no signup.
Quick Start
Full guide →// Read a protocol's risk score — that's it
IBROOracle registry = IBROOracle(REGISTRY_ADDRESS);
(uint16 bri,,, bool stale) = registry.getScore("uniswap-v4");
require(!stale, "Score too old");One import, one function call. The oracle returns a score between 300 (highest risk) and 1000 (lowest risk). Use isStale() to check freshness before making decisions.
Documentation
Quick Start
Get reading scores in under 5 minutes. One import, one function call.
Solidity Interface
Full IBROOracle interface for on-chain integration with your smart contracts.
Integration Examples
Working code in Solidity, TypeScript, Python, and MCP — copy, paste, deploy.
REST API
JSON endpoints for off-chain consumption. No API key required for public tier.
Use Cases
How protocols and institutions use BRO scores for risk management and pricing.
API Plans
Free tier, Developer, and Institutional plans with dimension-level access.
MCP Integration
Query scores from Claude Code, Cursor, or any MCP-compatible development tool.
Contract Addresses
Deployed contract addresses, ABIs, and network configuration for Base.
Integration Paths
On-Chain (Solidity)
Import the IBROOracle interface, call getScore() with a protocol slug. Use for lending collateral gates, insurance pricing, or vault risk filters.
registry.getScore("aave-v3")REST API (TypeScript / Python)
HTTP GET endpoints returning JSON. Use for dashboards, analytics, portfolio risk overlays, or any off-chain application.
GET /api/v1/scores/{slug}MCP (AI Development Tools)
Query scores directly from Claude Code, Cursor, or any MCP-compatible tool. Natural language queries against the full score database.
mcp: get_shield_rating("aave-v3")Need detailed breakdowns?
The public tier returns composite scores. Subscribers get per-dimension scores, historical trends, and real-time webhooks.
View Plans →Protocol not scored?
We'll add your protocol within 48 hours. Free tier includes your public score, with on-chain availability once contracts are live.
Add My ProtocolFrequently Asked Questions
How does BlackHart approach vulnerability discovery and disclosure?
BlackHart continuously hunts for critical vulnerabilities across DeFi. When we find issues, we disclose them through official bounty and responsible disclosure channels. No subscription is required to receive or remediate submitted vulnerabilities. The BlackHart Risk Oracle gives protocols and allocators a transparent view of observable risk signals. Protocols cannot pay for a higher score.
Can protocols pay for a higher score?
No. Scores are not for sale. Paying and non-paying protocols are scored identically using the same methodology, tools, and standards. Commercial status determines monitoring coverage and reassessment frequency, not score treatment. Subscribing to continuous monitoring helps protocols reduce real risk — and if those efforts result in verified security improvements, those changes are reflected in future score updates through the normal assessment process.
What does 'BlackHart Monitored' mean?
It means BlackHart has continuous adversarial coverage on the protocol — actively searching for vulnerabilities, monitoring for risk changes, and providing remediation guidance. It does not mean the protocol is safe or has a high score. A monitored protocol can still score poorly if significant risks are identified. Monitoring provides ongoing coverage and faster triage, not favorable scoring.
How are scores calculated?
Every protocol is evaluated using the same methodology, same tools, and same standards. The BRI is a weighted geometric mean of 12 security dimensions. Only PoC-validated findings affect the score. The full methodology is public and versioned.
What if a protocol believes its score is wrong?
Any protocol can submit evidence for review at no cost. We maintain a free correction channel because score accuracy is more important than revenue. If the evidence changes our assessment, the score is updated with full provenance linking to the submitted evidence.