BVSS Calculator

Captures whether triggering the bug requires compromising a privileged account.

Captures the cost of triggering the bug relative to the cost of sending a single transaction on the relevant blockchain without transferring value. Includes but is not limited to financial, operational and computational cost

Describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability. Includes but is not limited to macro situation, available third-party liquidity and regulatory challenges.

Describes the share of the consequences that can be reversed. For upgradeable systems, assume the required privileges are available.

Captures whether a vulnerability in one vulnerable system impacts resources in other systems

Measures the impact to the confidentiality of the data processed or persisted on-chain.

Measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability. This metric refers to features and functionality, not state. Availability impact directly affecting Deposit or Yield is excluded.

Measures the impact to the trustworthiness and veracity of data stored and/or processed on-chain.

Captures the impact to the deposits made to the system by either users or owners. Measured per depositing account.

Captures the impact to the yield generated by the system for either users or owners.