Instadapp
DAMASCUSDeFi Automation · Ethereum + L2s · $2B+ TVL · 15 contracts
Public risk assessment — scores are produced with the same methodology as monitored protocols
Security Profile
75
78
80
55
55
82
50
78
75
95
75
78
80
55
55
82
50
78
75
95
Audit History
Bug Bounty Program
Assessment
Long-running DeFi middleware with clean track record. High maturity (Z=0.939) and no exploits help significantly. Compositional risk is inherently high (D4=55) because middleware composes everything by design. Good battle testing despite niche category.
Dimension Breakdown
How scores work →- DSA (DeFi Smart Account) owner-controlled
- Authority delegation model for account management
- Connector-based architecture with permissioned connectors
- Multi-auth support for institutional users
- Middleware passes through underlying protocol economics
- No direct economic model risk (fee-based on refinancing)
- Vault products add yield-strategy economic surface
- INST token governance but not core economic mechanism
- Inherits oracle dependencies from underlying protocols
- No proprietary oracle in core DSA architecture
- Vault products may use price feeds for rebalancing
- Clean pass-through for oracle risk
- Live since 2019 (one of the oldest DeFi middleware)
- No direct protocol exploit on DSA architecture
- Multiple iterations (V1, V2, current)
- Audited by multiple firms over years
- Z-factor: 0.939
- INST token governance for connector approval
- Team retains significant operational control
- Connector additions go through governance vote
- Moderate governance participation
- No validated adversarial findings — score set to neutral baseline
- Experienced team since 2019
- Multi-chain deployment (Ethereum, Optimism, etc.)
- Connector monitoring and management
- Vault operations require active management
- By design: composes EVERY major DeFi protocol
- Connector architecture means attack surface = union of all connected protocols
- Refinancing across protocols creates cross-protocol state dependency
- DSA holds positions across multiple protocols simultaneously
- No cross-protocol cascade exposure detected
- Score: 95/100 (higher = more isolated from systemic risk)
- Source: cross_protocol_composition.json dependency analysis
- OpenZeppelin dependencies
- Connector architecture means many integration points
- Standard Solidity dependencies
- Each connector is a potential supply chain entry point
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "instadapp"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
registry.getScore("instadapp")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.