Bittensor
Elevated risk — novel AI compute network with significant centralization, insider exploit history, and untested emission mechanisms despite a $4.2B valuation
Top Risks
1
Supply chain attack in 2024 resulted in $28M stolen from 32 holders via malicious PyPI package, with a former employee implicated — demonstrating insider threat risk and weak software supply chain controls
2
Proof of Authority consensus means the OpenTensor Foundation controls all block validation, creating a single point of censorship and failure despite the network's decentralization claims
3
Yuma consensus and Taoflow emission models are novel, untested mechanisms for scoring AI work quality and allocating emissions — custom formulas with no precedent or battle-testing at this scale
Risk Breakdown
Frequently Asked Questions
Is Bittensor safe to use?
Bittensor receives a C- risk grade (52/100) from Hindenrank, where lower scores indicate lower risk. Elevated risk — novel AI compute network with significant centralization, insider exploit history, and untested emission mechanisms despite a $4.2B valuation Bittensor is a decentralized AI compute network where 128+ subnets compete to provide AI services, rewarded with TAO emissions scored by Yuma Consensus. With a $4.2B fully diluted valuation and no traditional DeFi TVL, it operates as a specialized Layer 1 for AI workloads. Its C- risk grade reflects $28M in 2024 exploits, centralized Proof of Authority consensus controlled by the OpenTensor Foundation, and multiple novel untested mechanisms including Yuma Consensus and the Taoflow emission model.
What are the main risks of using Bittensor?
The key risks identified for Bittensor are: (1) A former employee stole $28M in TAO through a malicious software package in 2024, and the Foundation had to halt the entire network to respond — showing that one insider can shut down the whole system (2) Despite claiming decentralization, the OpenTensor Foundation runs all block validators and controls governance. They can censor transactions, halt the network, and push through changes with minimal community oversight (3) The system for scoring AI work quality (Yuma Consensus) and allocating rewards (Taoflow) are brand new inventions with no precedent. If these novel mechanisms have flaws, the entire emission economy could be gamed by sophisticated actors
What is Bittensor's risk score breakdown?
Bittensor scores 52/100 across eight risk dimensions: Mechanism Novelty: 11/15, Interaction Severity: 10/20, Oracle Surface: 3/10, Documentation Gaps: 3/10, Track Record: 10/15, Scale Exposure: 7/10, Regulatory Risk: 2/10, Vitality Risk: 6/10. The highest risk area is Mechanism Novelty at 11/15.
How does Bittensor compare to other L1 protocols?
Among 56 rated L1 protocols on Hindenrank, Bittensor ranks #53 by safety (lowest risk score = safest). Its 52/100 risk score and C- grade place it among the riskier L1 protocols.
Has Bittensor ever been hacked or exploited?
Bittensor scores 10/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.
Incident History
1incident|$8Mtotal losses
Last scanned 2026-03-12