defirisk.co
rubric v1.7.0

About

Who maintains defirisk.co, why it exists, and how to challenge a grade.

Last updated 2026-06-11 Maintainer 0x_Abdul Independence No paid grades

Mission #

defirisk.co is a structural risk assessment of DeFi protocols. We grade what we can verify against an open rubric, and we are candid about what we cannot. The dashboard does not predict exploits — it exposes structural risk gaps in protocol deployments. An assigned grade is a protocol's standing against that rubric, nothing more.

Maintainer #

defirisk.co is maintained by 0x_Abdul. The maintainer holds authority on the rubric, the review pool, and the public repo.

Independence #

Independence is the only thing defirisk.co has to sell. There are no paid grades. Protocols cannot pay to be assessed, cannot pay to expedite an assessment, and cannot pay to influence one. defirisk.co is an open-source public good for the DeFi community.

Methodology disputes #

There are two kinds of disagreement we treat differently.

A grade dispute targets a specific factor on a specific assessment. It says: this citation is wrong, this predicate was misapplied, or this evidence is outdated. Grade disputes are handled through the appeals process documented in the methodology.

A rubric dispute targets the rubric itself. It says: this category is mis-specified, this critical factor is too broad, or this threshold is poorly calibrated. Rubric disputes are filed as issues against the public repo, reviewed by the editorial team, and either accepted into a future rubric version, deferred to a future revision, or declined with a public note.

Both classes of dispute are public from the moment they are filed. We do not pause grades or redact pages during a dispute window.

Code & data licenses #

Everything defirisk.co publishes is licensed for unrestricted reuse, subject to attribution. We choose permissive licenses deliberately, because a closed-licence risk assessment is mostly a marketing surface.

  • Data — all grades, evidence factors, citation lists, and derived datasets are licensed under CC BY 4.0. Attribution to "defirisk.co, rubric vN.N" is sufficient.
  • Code — the rubric engine, factor parser, adapter SDK, and site itself are licensed under MIT. Source for everything lives at the canonical repo.
  • Rubric definitions — the rubric/ directory (factor predicates, category definitions, critical-factor list) is dual-licensed under CC BY 4.0 and MIT, with attribution to the version tag.

Contact #

For grade disputes, use the appeals system.

For coverage requests — new protocols, new chains, new sectors — submit a public post on X tagging @0x_Abdul with the protocol name, chain, and official handle. Requests submitted publicly are logged and prioritised against the published criteria.

For any other inquiries, DM the X account.