EigenLayer
DAMASCUSRestaking · Ethereum · $15B+ TVL · 25 contracts
Public risk assessment — scores are produced with the same methodology as monitored protocols
Security Profile
75
78
85
65
45
72
87
82
78
53
75
78
85
65
45
72
87
82
78
53
Audit History
Bug Bounty Program
Assessment
Novel restaking protocol with significant TVL but governance centralization (D5=45) and compositional risk (D4=65) drag the score. Young protocol with unproven economics under stress.
Dimension Breakdown
How scores work →- Complex operator-delegator-AVS permission model
- Restaking introduces multi-layered access control
- Slashing conditions configurable per AVS
- Withdrawal delays provide some protection
- Novel restaking economics, untested under severe stress
- Slashing risk compounds across multiple AVS
- EIGEN token dual-staking adds complexity
- Withdrawal queue and unbonding periods provide buffers
- Minimal oracle dependency in core
- ETH native pricing, no external price feeds
- AVS-level oracle deps are scoped per-service
- No manipulation surface in restaking accounting
- Live since June 2023 (~23 months)
- Rapidly evolving codebase with frequent upgrades
- Large TVL ($15B+) but relatively young protocol
- No exploit yet but limited stress-testing history
- Z-factor: 0.795
- Eigen Foundation multisig with no visible timelock
- Centralized parameter control
- Community governance via EIGEN token still maturing
- Upgradeability on core contracts (proxy pattern)
- Score derived from continuous adversarial security research
- Active development team
- CI/CD pipeline visible
- Monitoring infrastructure maturing
- Incident response process not publicly documented
- Extreme compositional surface: any AVS can compose
- Operator-AVS-delegator triad creates complex interactions
- Shared security model means correlated risk
- Bad AVS slashing can cascade to all delegators
- Appears in 4 cross-protocol cascade chain(s)
- Failure cascades to 8 downstream protocol(s)
- Member of 4 dependency cluster(s)
- Score: 53/100 (higher = more isolated from systemic risk)
- Source: cross_protocol_composition.json dependency analysis
- Standard OpenZeppelin libraries
- Upgradeable proxy pattern (inherent risk)
- Modern Solidity versions
- Well-maintained but complex dependency graph
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "eigenlayer"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
registry.getScore("eigenlayer")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.