# Security Rating Methodology

A Security Rating of one (1) to 100 will be assigned to each protocol in order to measure the risk associated with it. A higher Security Rating means the protocol is more secure and the likelihood of an occurrence of a hack, bug or exploit or the severity of such an event is low.

The Security Rating will be calculated based on 5 factors with weights stated below:

#### 1. Project Implementation (10%)

* Project nature & technical difficulties
* Roadmap and future changes
* Back-end chain

#### 2. Project Operation (15%)

* Project age
* Operation history
* TVL
* Existing coverage on funds

#### 3. Team Qualification (5%)

* Team anonymity
* Team experience especially in programming
* Operations and management

#### 4. Audit (40%)

* Transparency and scope
* Findings and vulnerabilities
* Trust score
* Frequency and updates

#### 5. Code (30%)

* Open-sourced
* Bug bounty program
* Issues raised on Github or by community
* Documentation
* Testing
* Readability
* Architecture
* Oracle
* Layer-2 solution adoption
* Integration with external protocols
* Access control management
* Security administration
* Multi-signature