While the categories below illustrate core evaluation angles, the assessment is not limited to these items. Additional dimensions may be considered based on the protocol’s structure, documentation, and risk profile.

Area 1: Technical Security

Evaluates how robust the code is and how well the protocol is designed to withstand external attacks.
Evaluation Item | Checklist / Points to Verify | Importance
Audit
  • Which firm conducted the audit? (e.g. top-tier firms preferred)
  • How many audits have been conducted? (minimum of 2 recommended)
  • What were the findings, and were all Critical/High issues resolved?
  • Is the audit report publicly available?
Highest
Bug Bounty Program
  • Is there an ongoing bug bounty program on platforms like Immunefi or HackerOne?
  • Is the bounty size appropriate (high rewards relative to TVL indicate strong security confidence)?
High
Track Record
  • How long has the protocol been live on mainnet without major issues?
  • Is there any history of hacks or fund losses and, if so, how were they handled?
High
Admin Key Structure
  • Do admin keys exist that can alter core protocol settings?
  • If yes, are they managed via multisig, and who are the signers?
High
Dependencies
  • Which oracle is used (e.g., Chainlink, Pyth – reliable providers)? What are the price-oracle mechanisms?
  • If the protocol is built on another protocol, is the base layer considered secure?
Medium
Code Disclosure & Documentation
  • Is the code fully open-sourced on GitHub?
  • Is developer documentation complete and well maintained?
Medium

Area 2: Economic Security

Evaluates whether the protocol’s yield sources, tokenomics, and risk mechanisms are sustainable and resilient even under extreme market conditions.
Evaluation Item | Checklist / Points to Verify | Importance
Liquidity
  • For lending protocols (especially for curators), is the collateral high-quality and reliable?
  • For lending protocols: Is utilization rate appropriate? (if utilization is consistently above 85–90%, withdrawals may be delayed or blocked, so real-time monitoring is required)
  • For DEX/AMM: Is pool TVL sufficient to handle expected deposits and withdrawals?
  • For RWA or private credit: Are there explicit lock-up periods or redemption cycles (for example, 30-day lockup, weekly redemption)?
  • Has the protocol handled large withdrawal events smoothly in the past?
Highest
Yield Source Consistency
  • Where does the yield come from (token emissions versus organic fee-based revenue)?
  • If rewards are in a native token, is inflation sustainable over the long term?
High
TVL and Volatility
  • Is TVL sufficiently large (for example, TVL greater than 50 million USD for more than 3 months can be considered solid, and greater than 100 million USD can be considered strong)?
  • Is TVL relatively stable, without sharp fluctuations that indicate dependency on short-term institutional or mercenary yield-farming capital?
High
Liquidation / Deleveraging Mechanisms
  • For lending or perp DEXs: Do liquidation mechanisms function reliably in volatile markets?
  • For yield-bearing stablecoins: Are there structural risks of depeg or death spiral?
  • For all protocols: Is there any aggressive looping or leverage that could amplify losses?
High
Insurance / Safety Fund
  • Is there an insurance or safety fund to compensate users in case of unexpected losses?
  • Are its size and trigger conditions clearly defined?
Medium

Area 3: Operational & Governance Trust

Evaluates how trustworthy and transparent the operating team or DAO is.
Evaluation Item | Checklist / Points to Verify | Importance
Team Structure & Reputation
  • Is the team anonymous or public (public teams generally earn higher trust)?
  • For curators: Does the operations team have proven ability to select and manage sub-strategies and risks?
  • Do team members have prior experience running successful projects?
High
Off-chain Operational Risk
  • Does the protocol rely on off-chain custody or trading?
  • Which custody provider is used (Copper, Fireblocks, Ceffu, etc.)?
  • Is proof of reserves available in real time or via regular reports?
  • Is off-chain transparency ensured (for example through dashboards or attestations)?
High
Governance Transparency
  • How are key decisions made (e.g., transparent forums and on-chain voting)?
  • Is the community (Discord, Telegram, etc.) active, and does the team engage well with users?
Medium
VCs and Partners
  • Which VCs have invested?
  • Are there partnerships with reputable protocols or infrastructure providers?
Low

Final Evaluation & Application

Each checklist item can be scored quantitatively. Additionally, for “Highest Importance” items, a Pass/Fail criterion can be applied: if even one such item fails, the protocol is automatically disqualified.
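
The scoring rule described above, sketched as an added example (not part of the original framework). The item names and importance levels are taken from the tables; the numeric weights, the 0-5 scale, the pass mark of 3 and the sample scores are assumptions chosen for illustration.

```python
# Importance levels come from the checklist; weights, scale and pass mark are assumed.
WEIGHTS = {"Highest": 4, "High": 3, "Medium": 2, "Low": 1}
PASS_MARK = 3   # assumed: a "Highest" item scoring below this counts as a Fail
MAX_SCORE = 5   # assumed: each item is scored 0-5 by the reviewer

# (area, item, importance) rows copied from the three tables
CHECKLIST = [
    ("Technical", "Audit", "Highest"),
    ("Technical", "Bug Bounty Program", "High"),
    ("Technical", "Track Record", "High"),
    ("Technical", "Admin Key Structure", "High"),
    ("Technical", "Dependencies", "Medium"),
    ("Technical", "Code Disclosure & Documentation", "Medium"),
    ("Economic", "Liquidity", "Highest"),
    ("Economic", "Yield Source Consistency", "High"),
    ("Economic", "TVL and Volatility", "High"),
    ("Economic", "Liquidation / Deleveraging Mechanisms", "High"),
    ("Economic", "Insurance / Safety Fund", "Medium"),
    ("Governance", "Team Structure & Reputation", "High"),
    ("Governance", "Off-chain Operational Risk", "High"),
    ("Governance", "Governance Transparency", "Medium"),
    ("Governance", "VCs and Partners", "Low"),
]

def evaluate(scores):
    """Return (disqualified, weighted_percent, failed_gates, unscored)."""
    # An item with no score is treated as 0, so missing evidence fails closed.
    unscored = [item for _, item, _ in CHECKLIST if item not in scores]
    failed = [item for _, item, imp in CHECKLIST
              if imp == "Highest" and scores.get(item, 0) < PASS_MARK]
    earned = sum(WEIGHTS[imp] * scores.get(item, 0) for _, item, imp in CHECKLIST)
    possible = sum(WEIGHTS[imp] * MAX_SCORE for _, _, imp in CHECKLIST)
    return bool(failed), round(100 * earned / possible, 1), failed, unscored

# Constructed sample: perfect everywhere except an unresolved audit finding.
SAMPLE = {item: 5 for _, item, _ in CHECKLIST}
SAMPLE["Audit"] = 2

if __name__ == "__main__":
    print(evaluate(SAMPLE))
```

The sample scores 94.1% overall yet is still disqualified, which is the point of the Pass/Fail gate: a strong aggregate cannot offset a failed "Highest" item.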