Metric Set
Project Methodology
How the Project Probability of Loss (PoL) Score Works
PoL is a structured risk assessment framework designed to estimate the likelihood that users, token holders, or a counterparty of a crypto project may experience a financially material loss, excluding losses caused solely by market price fluctuations.
How the Score is Calculated
PoL Score is calculated in 3 steps, ensuring ...
Calculation Score
Score Conversion
This stage focuses on defining the set of metrics applicable to a specific project. These metrics will be collected and assessed primarily through our automated systems, with certain cases requiring manual evaluation. Additionally, some data may not be publicly available and will need to be submitted directly by the project.
Metric SetDefault MetricsProject-Specific MetricsCategory-Specific Modifiers
Metric
Sub-metric
Condition
Sub-score
Audit Coverage
Audit relevance, findings status, and coverage percentage relative to the project's overall structure are assessed.
Medium, High and Critical findings checkCode comparison (deployed vs audited)
Metric Weight
16%
Sub-metric
Condition
Sub-score
Reviewed scope
91-100%
10
81- 90%
9
71-80%
8
61-70%
7
51-60%
6
41-50%
5
31-40%
4
21-30%
3
20% and under
2
Bug Bounty
Bug bounty program effectiveness, including provider quality, payout policy, and team response rates, is evaluated.
Metric Weight
12%
Custody5%
Pay-out policy5%
Attestation letter2%
Proof of Funds0%
Sub-metric
Condition
Sub-score
Custody
Third party hosted
10
Self hosted
5
Disclosure policy only
2
Pay-out policy
250k USD +
10
100k-250k USD range
8
50k - 100k USD range
5
10k-50k USD range
3
Under 10k USD
1
Attestation letter*
Team response rate within 1 day
10
Team response rate within 3 days
5
Team response rate within 1 week
2
Team response rate takes more than a week
0
Proof of Funds
Present
10
Absent
0
Third party monitoring
Presence of third-party on-chain contract monitoring and proper setup completion are verified.
Metric Weight
5%
Monitoring2%
Third party monitoring attestation letter2%
Sub-metric
Condition
Sub-score
Monitoring
Enabled
10
Disabled
0
Third party monitoring attestation letter
Project setup properly
10
Improper setup
0
Prevention
Presence of prevention mechanisms such as pausability and emergency controls is evaluated.
Metric Weight
2%
Sub-metric
Condition
Sub-score
Prevention
Third party set up
10
No third party set up
0
Metric
Sub-metric
Condition
Sub-score
Revenue sources
Reported revenue streams and dependency on each source.
Sub-metric
Condition
Sub-score
Sources list
Transaction/Protocol Fees
i/e
Marketplace Commission
i/e
Staking-as-a-Service
i/e
Premium Services / SaaS
i/e
Licensing Infrastructure/Tech
i/e
Enterprise Partnerships
i/e
Yield from Treasury Management
i/e
Token Launchpads / IDOs
i/e
Advertising / Sponsored Content
i/e
Consulting/Advisory
i/e
Validator Rewards (native)
i/e
Token pump
i/e
Source dependency
One source with consistent cash flow
One source without consistent cash flow
Multiple sources with consistent cash flow
Multiple sources without consistent cash flow
Inflation
Periodic inflation percentage of the project token is monitored.
Metric Weight
5%
Sub-metric
Condition
Sub-score
Inflation band
0-5% a year
10
5-10% a year
7
10-15% a year
5
15-20% a year
3
25% a year
0
TVL
Total Value Locked trends are tracked and suspicious spikes are identified.
Metric Weight
1%
Trend0.8%
Suspicious Spikes0.2%
Sub-metric
Condition
Sub-score
Trend
Uptrend
10
Range
5
Downtrend
0
Suspicious spikes
There are
0
There are no
10
Active addresses
The number of unique wallets that meaningfully interact with a project's token
Sub-metric
Condition
Sub-score
Evaluated from available on-chain activity and project disclosures (see detailed methodology).
i/e
Treasury quality
Asset composition in treasury wallets, including ratio of top-tier assets, native tokens, and project tokens, is assessed.
Metric Weight
2%
Sub-metric
Condition
Sub-score
Treasury structure
Top tier assets structure
10
Treasury >50% native token
5
Native token only
3
Circulating supply analysis
Alignment of reported circulating supply with reference data.
Metric Weight
5%
Sub-metric
Condition
Sub-score
Comparison
The same
10
Up to 5% difference
0
Different
-5
Lockers analysis
Presence and quality of token locking mechanisms are evaluated.
Metric Weight
2%
Sub-metric
Condition
Sub-score
Locker type
Third-Party Audited Lockers
10
Self-Hosted Timelock Contracts
7
Multi-Signature Vaults + Delay Module
5
Vesting & Yield Vault Contracts
3
Burn Address Forever Lock
2
Off-Chain Promises
0
Metric
Sub-metric
Condition
Sub-score
Washtrading
Presence of wash trading activity across centralized exchanges is detected.
Sub-metric
Condition
Sub-score
Level
Above average
-5
Average
0
Below average
0
GitHub activity
Recent development activity (where repositories are in scope).
Metric Weight
1%
Last week activity1%
Sub-metric
Condition
Sub-score
Last week activity
There was
10
There was no
0
Founders with track record
Founders' relevant education, work experience, and business background are verified.
Metric Weight
1%
Education0.33%
Working experience0.34%
Business experience0.33%
Sub-metric
Condition
Sub-score
Education
Relevant
1
Irrelevant
0
Working experience
Relevant
1
Irrelevant
0
Business experience
Relevant
1
Irrelevant
0
Proper Documentation in place
Presence and quality of essential project documentation are assessed.
Metric Weight
2%
White paper0.4%
Tokenomics0.4%
Contracts disclosure0.4%
Verified contracts0.4%
Roadmap0.2%
Roadmap reporting0.2%
Sub-metric
Condition
Sub-score
Document
White paper
0.4
Tokenomics
0.4
Contracts disclosure
0.4
Verified contracts
0.4
Roadmap
0.2
Roadmap reporting
0.2
Certifications
Presence of security certifications such as ISO 27001 (information security management) and CCSS (cryptocurrency security standards) are checked.
Metric Weight
10%
ISO 270015%
CCSS5%
Sub-metric
Condition
Sub-score
ISO 27001
Yes
10
No
0
CCSS
Level 1
5
Level 2
7
Level 3
10
No
0
Liquidity risks
DEX/CEX liquidity depth relative to market cap and exchange quality are analyzed.
Metric Weight
6%
DEX LP to mcap1%
CEX volume to mcap1%
CEX total orderbook to mcap1%
Quality of CEXs2%
DEXs LP state1%
Sub-metric
Condition
Sub-score
DEX LP to mcap
Above average
10
Average
5
Below average
0
CEX volume to mcap
Above average
10
Average
5
Below average
0
CEX total orderbook to mcap
Above average
10
Average
5
Below average
0
Quality of CEXs
9-10 CG Trust score
10
7-8 CG Trust score
8
5-7 CG Trust score
5
5 and below by CG Trust score
0
DEXs LP state
Locked
2
Unlocked
0
Metric
Sub-metric
Condition
Sub-score
Past incidents reaction
Project response and remediation approach to past security incidents are evaluated.
Metric Weight
1%
Media reaction0%
The root cause fixed1%
Sub-metric
Condition
Sub-score
Media reaction
Alert
i/e
Week
i/e
Passive
i/e
Strong
i/e
The root cause fixed
Yes
10
No
0
Audit Firm Reputation
Quality and credibility of auditing firms engaged by the project are assessed.
Metric Weight
3%
Sub-metric
Condition
Sub-score
Firm tier
Top tier security companies
10
Mid tier security companies
7
Low tier security companies
3
No tier security companies
0
Social Fraud
Twitter, website, and trends signals are assessed for authenticity and engagement quality.
Metric Weight
2%
Twitter Score0.5%
Twitter bots ratio0%
Twitter interactions0.5%
Website visits0.5%
Trends check0.5%
Sub-metric
Condition
Sub-score
Twitter Score
Bad
0
Good
5
Excellent
10
Twitter bots ratio
Organic followers only
i/e
Some portion are the bots
i/e
The majority are bots
i/e
Bots only
i/e
Newly created page
i/e
Twitter interactions
Above the coefficient
i/e
Under the coefficient
i/e
Website visits
Higher than the average range
i/e
In the average range
i/e
Below the average range
i/e
Trends check
Higher than the average range
i/e
In the average range
i/e
Below the average range
i/e
Insurance
Insurance coverage, including type, provider, and scope of protection, is assessed.
Metric Weight
2%
Custody1%
Coverage1%
Sub-metric
Condition
Sub-score
Custody
Third party hosted
10
Self hosted
5
Coverage
Complete
10
Average
7
Project Longevity
Project age and track record in the Web3 ecosystem are evaluated.
Metric Weight
1%
Sub-metric
Condition
Sub-score
Age
5 years +
10
3 years +
7
1-3 years
5
Newly created protocol
0
Protocol Longevity
Project age and track record in the Web3 ecosystem are evaluated.
Metric Weight
1%
Sub-metric
Condition
Sub-score
Age
5 years +
10
3 years +
7
1-3 years
5
Newly created protocol
0
Penalties
Presence of these metrics will decrease score
MM red flag Identification
The list of suspicious representatives
from 0 to -10
Investor red flag Identification
The list of suspicious representatives
from 0 to -10
Metric
Sub-metric
Condition
Sub-score
Disclaimers
Presence of a dedicated disclaimers page is verified.
Legal section, terms and policies
Metric Weight
0.5%
Sub-metric
Condition
Sub-score
Presence
Present
10
Absent
0
Public registration
The project's legal registration location is documented.
Project has to be registered
Metric Weight
0.5%
Sub-metric
Condition
Sub-score
Presence
Present
10
Absent
0
Public team
Whether core team members are publicly identified is assessed.
Metric Weight
0.5%
Sub-metric
Condition
Sub-score
Visibility
Public
10
Anonymous
0
Regulatory Surface Controls
Presence of compliance features such as KYC/KYT is evaluated.
KYC/KYT where relevant
Metric Weight
0.5%
Sub-metric
Condition
Sub-score
Jurisdiction
Quality and regulatory environment of the registration jurisdiction are assessed.
Jurisdiction QualityCrypto jurisdictions tier list
Metric Weight
1%
Sub-metric
Condition
Sub-score
Tier
Tier 1
10
Tier 2
7
Tier 3
4
Tier 4
2
Regulatory compliance
Whether the project operates under applicable regulations is verified.
Metric Weight
2%
Sub-metric
Condition
Sub-score
Mode
Operates under regulation
10
One of the entities operates under regulation
5
Does not operate under any regulation
0
The domain score is adjusted by a corresponding multiplier, determined by a set of predefined criteria and requirements.
Calculation ScoreSecurityFinancialOperationalReputationalRegulatoryDependencythe Scale
Metric | Multiplier | Description |
|---|---|---|
Active addresses | x1.025 | Wallets interacting with project / token |
GitHub activity | x1.025 | Assessed based on the presence of weekly commits |
Project longevity | x1.15 | If 3 years + 1.07 |
Protocol longevity | x1.15 | If 5 years + 1.15 |
No major security incident | x1.15 | If there was a major incident there is no score at all |
Licensed by a recognized regulator | x1.1 | If there is no maximal multiplier yet (x1.3) it can give up to 1.1 |
Category leading project | x1.1 | Top 3 representatives of the category by market cap |
Score 0–65
1.3×
Full multiplier
Score 65–90
1.3× → 1.0×
Gradually decreases
Score 90+
1.0×
No adjustment
The final calculation score is inverted to represent the Probability of Loss (PoL) score.
PoL ScoreInverse(Calculation Score)
- Calculation score 0–25 maps to PoL grade D (PoL range 75–90).
- Calculation score 25–30 maps to PoL grade DD (PoL range 70–75).
- Calculation score 30–40 maps to PoL grade DDD (PoL range 60–70).
- Calculation score 40–45 maps to PoL grade C (PoL range 55–60).
- Calculation score 45–50 maps to PoL grade CC (PoL range 50–55).
- Calculation score 50–60 maps to PoL grade CCC (PoL range 40–50).
- Calculation score 60–65 maps to PoL grade B (PoL range 35–40).
- Calculation score 65–70 maps to PoL grade BB (PoL range 30–35).
- Calculation score 70–80 maps to PoL grade BBB (PoL range 20–30).
- Calculation score 80–85 maps to PoL grade A (PoL range 15–20).
- Calculation score 85–90 maps to PoL grade AA (PoL range 10–15).
- Calculation score 90–100 maps to PoL grade AAA (PoL range 0–10).
- Audit with 80%+ coverage
- Third-party bug bounty program
- Third-party monitoring enabled
- ISO 27001 (or SOC 2)
- CCSS Certification
- Submitted >10% of required information voluntarily
Have questions about CORE3 Methodology?
Contact us, and we'll provide more information
