When you see a DeFi protocol scored 89/100 with a B+ grade on TrustGrade, what does that number actually mean? Unlike arbitrary ratings or “gut feeling” reviews, every TrustGrade score is the output of a rigorous mathematical pipeline. This article breaks down how it works — no PhD required.
The Problem: Trust Is Hard to Quantify
Crypto has a trust problem. In traditional finance, regulatory bodies, auditors, and decades of legal precedent create (imperfect) trust frameworks. In DeFi and onchain markets, none of that exists. You’re interacting with:
- Smart contracts that may have hidden vulnerabilities
- Protocols governed by anonymous DAOs
- Stablecoins backed by opaque reserves
- AI agents executing transactions autonomously
How do you assign a single, actionable number that tells you “this is safe to interact with”?
The answer combines two statistical workhorses: Wilson score intervals and Bayesian inference.
Signal 1: Wilson Score — Confidence in a Nutshell
Imagine a DeFi protocol has processed 10,000 transactions, and 9,700 completed successfully. The naive success rate is 97%. Sounds great — but how confident are we?
The Wilson score interval, developed by physicist Edwin B. Wilson in 1927, answers this. It calculates the lower bound of a confidence interval for a binomial proportion — in plain English, “what’s the worst-case true success rate given what we’ve observed?”
The formula:
$$\text{Wilson lower bound} = \frac{\hat{p} + \frac{z^2}{2n} - z\sqrt{\frac{\hat{p}(1-\hat{p})}{n} + \frac{z^2}{4n^2}}}{1 + \frac{z^2}{n}}$$
Where:
- p̂ = observed success rate (0.97 in our example)
- n = sample size (10,000)
- z = z-score for confidence level (1.96 for 95% confidence)
For our protocol: Wilson lower bound ≈ 96.6%. That’s our conservative estimate.
The key insight: a protocol with 100 transactions at 97% success gets a lower Wilson score than one with 10,000 at 97%. Sample size matters. This prevents new protocols with a handful of successful txs from scoring as high as battle-tested ones.
Wilson Score in TrustGrade
For DeFi protocols, the Wilson score has a 40% weight in the final composite. It captures:
- Transaction success rate
- Audit pass rate
- Oracle uptime
- Governance proposal execution rate
Signal 2: Bayesian Beta Posterior — Updating Beliefs
Wilson scores tell us about observed data. But what about prior knowledge? A brand-new protocol from a team that previously built a $2B TVL platform should score differently than one from anonymous developers — even with identical early data.
This is where Bayesian inference comes in. We use a Beta distribution as our prior:
$$\text{Posterior} = \text{Beta}(\alpha + s, \beta + f)$$
Where:
- α, β = prior parameters (learned from population data)
- s = observed successes
- f = observed failures
The prior acts as a “starting point.” For DeFi protocols, we calibrate α and β from our entire scored dataset — currently thousands of protocols. A new protocol starts with the population average and shifts as real data comes in.
Why this matters: This creates a data network effect. The more protocols we score, the better our priors, the more accurate every new score becomes. It’s a moat.
Bayesian Weight in TrustGrade
Bayesian posterior contributes 30% weight for DeFi protocols. It’s particularly powerful for:
- New entities with limited data
- Detecting anomalies (when observed data diverges sharply from prior)
- Scoring AI agents where behavioral consistency matters
Signal 3: Volume Bonus — Statistical Power
More data = more confidence. We apply a logarithmic volume bonus:
$$\text{Volume Bonus} = \log_{10}(n) \times k$$
Where k is a calibration constant (0.5 for DeFi). This means:
- 100 transactions → bonus of +1.0
- 1,000 transactions → bonus of +1.5
- 10,000 transactions → bonus of +2.0
- 100,000 transactions → bonus of +2.5
The logarithmic curve means diminishing returns — going from 100 to 1,000 txs matters more than going from 10,000 to 10,100. This prevents high-volume but mediocre protocols from inflating their scores.
Signal 4: Compound Penalty — Incident Severity
When things go wrong in crypto, they go very wrong. A single $50M exploit should tank a protocol’s score more than ten minor front-end bugs.
We use a compound penalty function:
$$P = 1 - (1 - s)^2$$
Where s is incident severity (0 to 1). The squared term means:
- A severity-0.5 incident costs 0.75 points
- A severity-0.8 incident costs 0.96 points
- Two severity-0.5 incidents cost 0.94 points (they compound)
Putting It All Together
The final TrustGrade score:
$$S = W \cdot w_w + B \cdot w_b + V - P \cdot w_p + \Sigma(\text{optional signals})$$
| Component | Weight (DeFi) | What It Captures |
|---|---|---|
| Wilson Score (W) | 40% | Conservative success rate |
| Bayesian Posterior (B) | 30% | Prior-informed reliability |
| Volume Bonus (V) | log scale | Statistical credibility |
| Incident Penalty (P) | 15% | Risk event severity |
| Optional Signals | varies | Governance, oracle, TVL stability |
Try It Yourself
Here’s how to score a DeFi protocol using the TrustGrade API:
curl -X POST https://api.trustgrade.ai/v1/score \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"entityType": "defi_protocol",
"entityId": "uniswap-v3",
"data": {
"tvl": 5200000000,
"txSuccessRate": 0.998,
"totalTx": 85000000,
"audits": ["Trail of Bits", "OpenZeppelin", "ConsenSys"],
"incidents": [],
"governanceProposals": 142,
"governanceParticipation": 0.085
}
}'
Response:
{
"score": 92,
"grade": "A",
"confidence": 0.96,
"breakdown": {
"wilson": 0.995,
"bayesian": 0.989,
"volumeBonus": 2.47,
"penalty": 0.0,
"optionals": { "governance": 0.82, "auditDiversity": 0.95 }
},
"summary": "Exceptional trust profile. Battle-tested with 85M+ transactions, zero exploits, and diverse audits."
}
And using the MCP server from an AI agent:
# AI agent checks trust before executing a large swap
result = await mcp_client.call_tool("check_trust", {
"entity_type": "defi_protocol",
"entity_id": "uniswap-v3"
})
if result["grade"] in ("A", "A+", "B+"):
await execute_swap(amount=50000, protocol="uniswap-v3")
else:
log.warning(f"Blocked: protocol grade {result['grade']} below threshold")
Why This Matters
Crypto doesn’t have a lack of data — it has a lack of signal. TVL numbers, transaction counts, and audit reports are all useful, but individually they don’t answer the simple question: “Can I trust this?”
TrustGrade’s Bayesian approach fuses dozens of signals into a single, defensible score. It’s not perfect — no trust metric is. But it’s mathematically rigorous, transparent, and most importantly: it updates in real time.
When a protocol’s TVL drops 40%, the Bayesian posterior shifts. When an exploit occurs, the compound penalty fires. When a new audit is published, the Wilson score recalculates. The score you see today reflects today’s reality, not a snapshot from last quarter.
Ready to score your entities? Get your free TrustGrade API key — 500 calls/month, no credit card required. Or read our full methodology for the mathematical deep dive.