Origin Protocol
DAMASCUSYield / DeFi · Ethereum · $300M+ TVL · 15 contracts
Public risk assessment — scores are produced with the same methodology as monitored protocols
Security Profile
72
65
72
58
55
75
90
76
72
100
72
65
72
58
55
75
90
76
72
100
Audit History
Bug Bounty Program
Assessment
Yield aggregator that learned from 2020 exploit. High maturity (Z=0.945) but D2=65 reflects historical economic vulnerability. Wide composition surface from multi-strategy approach. Post-exploit security improvements are real but past exploit anchors risk perception.
Dimension Breakdown
How scores work →- Vault-based architecture with strategist and governor roles
- OUSD/OETH minting through controlled deposit flow
- Strategy allocation controlled by strategist multisig
- Timelock on governance actions
- Yield-bearing stablecoins (OUSD, OETH) via strategy allocation
- OUSD suffered $7M exploit in Nov 2020 (flash loan/reentrancy)
- Rebasing token model adds economic complexity
- Strategy diversification reduces single-point failure
- Chainlink oracles for asset pricing
- Vault share pricing depends on strategy valuation
- OUSD/OETH peg relies on accurate underlying pricing
- Historical exploit involved oracle-adjacent flash loan attack
- OUSD live since 2020 (70+ months), OETH since 2023
- Experienced and survived $7M exploit (learned from it)
- Multiple redesigns and security improvements post-exploit
- Multiple audits (OpenZeppelin, Trail of Bits, Certora)
- Z-factor: 0.945 (from OUSD launch)
- OGN token governance exists
- Team retains significant operational control
- Strategist role has broad powers within guardrails
- Timelock provides some governance safety
- Score derived from continuous adversarial security research
- Post-exploit operational improvements
- Strategy monitoring and allocation management
- Active team with security focus after 2020 incident
- Operational complexity from multi-strategy management
- Strategies compose across multiple DeFi protocols (Aave, Compound, Convex, etc.)
- OUSD/OETH used as collateral in lending markets
- Strategy diversity means wide composition surface
- Rebasing token creates integration complexity for downstream
- Member of 2 dependency cluster(s)
- No cross-protocol cascade exposure detected
- Score: 100/100 (higher = more isolated from systemic risk)
- Source: cross_protocol_composition.json dependency analysis
- OpenZeppelin dependencies
- Strategy contracts interact with many external protocols
- Standard Solidity stack
- Wide dependency surface from strategy diversity
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug
- "origin"
- Oracle
- BRORegistry (Base)
- Evidence
- IPFS (pinned)
- Staleness Threshold
- 24 hours
registry.getScore("origin")Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.