Ratings, dashboards, monitoring outputs, and research stay attributed to the source that published them.
About OpenRisk
Risk evidence belongs in daylight.
OpenRisk collects what independent DeFi risk providers publish, keeps their words attached to their names, and shows the disagreements instead of smoothing them into a proprietary verdict.
Purpose
A neutral layer over a fragmented risk landscape.
DeFi risk work is scattered across rating desks, monitoring dashboards, research notes, governance forums, and provider docs. OpenRisk gives that work a common table without pretending the methods are the same.
The project is useful precisely because it refuses to collapse different methodologies into one number. Users can inspect who said what, when, and about which protocol or version.
Operating rules
The constraints are part of the product.
Version-specific evidence is shown only when the source explicitly names that version, market, vault, or feature.
OpenRisk does not add rankings, normalized grades, composite scores, or investment recommendations.
Covered and partial cells need a dated provider URL, governance record, onchain reference, or other source.
Coverage language
Coverage means evidence was found. Nothing more.
A covered protocol is not automatically safer than a missing one. The labels describe the availability and scope of source material in the static snapshot.
Protocol-specific intelligence is available for the relevant protocol or version.
The provider covers a limited version, market, vault, feature, or evidence set.
No protocol-specific provider entry has been found in the current snapshot.
FAQ
Short answers before you use the table.
Why not combine providers into one score?
Because the methods measure different things. Combining them would make OpenRisk the judge, which is outside the charter.
How should version rows be read?
They include only evidence whose source scope explicitly names that version. Everything else stays at the parent protocol level.
Is the data live?
No. This prototype is a dated, static snapshot. The snapshot date and raw JSON link appear in the footer.
Can the registry be corrected?
Yes. Corrections should point to a dated provider URL, governance record, onchain reference, or primary source.
Review the data in public
Open an issue, propose a correction, or inspect the repository-native dataset.