We're building risk infra for Web3 and ETH. Would you trust osint-based risk data?

Post original

We build a risk score for ETH and Web3 based on historical failure patterns, data is basically osinted by our detectors (we open sourced part of the stack). We've already indexed 1600 projects against the patterns that biggest exploits had before they got hit, plus the risk management practices that would have stopped the attack somewhere along the chain. Stuff like stale audits, no documented key management, no certifications (CCSS, ISO, SOC), no insurance. The public data only part is our main point: right now, projects disclose really nothing, and you can't DD which project will wire their treasury to North Korea next. Would you trust such score? Any ideas that you would need in a score that measures risk? You can check all the nitty gritty on website and in docs . But its mvp rn and scores will probably change as we polish how data is gathered and processed. Would appreciate any opinion!   submitted by   /u/core3guy [link]   [comments]