How We Work

Our Research Methodology

BlackHart Research combines continuous adversarial testing, rigorous validation, and structured quantification to produce the highest-fidelity risk intelligence available for DeFi protocols.

01

Adversarial Research

We think like attackers so underwriters don't have to.

Our researchers work backward from catastrophic outcomes — drained vaults, manipulated oracles, frozen governance — to identify the precise conditions that would make them possible. This attacker-first perspective finds vulnerabilities that defensive audits systematically miss.

The result: a continuously updated threat model for every protocol we cover, built from confirmed attack vectors rather than theoretical risk frameworks.

02

Continuous Coverage

24/7 research, not point-in-time audits.

Traditional security audits capture a snapshot of a codebase at a moment in time. The day after the audit report ships, the protocol upgrades a contract, adds a new market, or integrates a new oracle — and the audit is stale.

BlackHart Research maintains continuous coverage. When a protocol's attack surface changes — through upgrades, new integrations, or shifting market conditions — our risk assessments update accordingly.

Insurance underwriters need to price risk today, not six months ago. Our scores always reflect the current state.

03

Multi-Vector Detection

Finding what single-contract reviews miss.

The most devastating DeFi exploits are not single-function bugs. They are sequences of individually benign operations that, when composed in the right order, produce catastrophic outcomes.

Individual audit firms review individual contracts. We operate at the protocol level, testing cross-contract and cross-protocol interactions. This is where the Critical-severity findings live — and where the largest insurance exposure concentrates.

04

Risk Quantification

Structured data for pricing models, not PDF reports.

Every finding is quantified along three dimensions: severity (maximum impact if exploited), likelihood (exploit complexity and required conditions), and exposure (TVL directly at risk).

These dimensions combine into a composite risk score for each protocol, updated continuously as findings are discovered, remediated, or as protocol TVL changes. Scores are designed for direct integration into actuarial pricing models.

05

Validated Findings

Every finding has a working proof-of-concept. No exceptions.

We do not report theoretical vulnerabilities or informational findings. Every item in our intelligence feed has been validated with a working exploit against live contract state.

When an underwriter sees a Critical alert from BlackHart Research, they know it represents a confirmed, exploitable vulnerability with verified economic impact — not a hypothetical concern.

Why This Matters for Underwriters

Actionable, Not Theoretical

Every finding has a passing PoC. You never have to guess whether a reported vulnerability is real.

Current, Not Historical

Risk scores reflect today's state. Protocol upgrades, TVL changes, and new integrations are captured in real time.

Quantified, Not Qualitative

Severity, likelihood, and exposure are measured — not estimated. Data feeds directly into pricing models.