Probability of Loss is the metric built from its first criterion to answer the question this whole piece has been circling: how likely is it that a project fails or its users lose money. It also shares its initials with protocol-owned liquidity, so the two need separating before either gets used. Protocol-owned liquidity (PoL) measures who owns the market depth. Probability of Loss (PoL) scores the odds of the loss itself.
The index comes from CORE3, and the limits come first. CORE3 is not a ratings agency, its metrics do not constitute investment advice, and a low Probability of Loss does not mean a project is certified, approved, or risk-free. What the score does is aggregate what no single on-chain number can. The methodology evaluates over 85 assessment metrics across 29 project categories and six risk areas: security posture, financial integrity, operational maturity, reputational posture, regulatory compliance, and dependency risks. The output is one number from 0 (Exceptional) to 100 (Critical), and it's dynamic, so a security or operational incident moves it the way this piece argues risk moves: fast, and across domains TVL never sees.
TVL tells you how much is parked. Market cap tells you what the crowd is guessing. Protocol-owned liquidity tells you whether anyone building the thing has to stay. Probability of Loss is the number that was asked the risk question first. It won't certify anything safe, and it isn't advice. It makes the risk readable before you commit capital. Check a project's PoL score at core3.io.