3.9 KiB
3.9 KiB
Privacy scoring modelling > Web3privacy now analytical platform
MVP for non-tecies expanded to techies
Sandbox: DeFi category that has been analyzed
How to use sandbox?
- Read takeaways.
- Give us feedback via general comments in the Community on Signal or make a Pull request here.
- You can always explore 38 DeFi project' assessment here
Scoring model 1.2: validity track
Validity track covers GitHub, Product-readiness, Team, Docs, Audit.
Note: quick assessment helps to decrease privacy dark patterns from obscure language to test-net claiming it has a "state of art privacy".
Sandbox
Extended
| Project | GitHub | Product-readiness | Team | Docs | Audit | Contributors | Licenses | Support | Score |
|---|---|---|---|---|---|---|---|---|---|
| Test project | available & active GitHub / not (25%) | Live or 🚧 (exclusion criteria) | public team / not (25%) | available & not marketing docs / not (25%) | available & up to date third-party audit / not (25%) | external contributors outside of the team members | What licenses are in use | Some form of support available? (telegram, discord, forum) | from 0 to 100% |
| score | 12.5% | 12.5% | 12.5% | 12.5% | 12.5% | 12.5% | 12.5% | 12.5% | 100% |
GitHub
- Is it in stable release, 1.0 and not an alpha or untested code?
- Are there many PRs and Issues pending?
- Are there external contributors outside of the team members?
Docs
- read the documentation: is it comprehensive?
Team
- Check if there are known contributors (reputation 101)
- Check commits at GitHub
- How many community contributors beyond core team?
- How many technical specialists in the team?
- How mature are core contributors (previous projects, GitHub commits)?
Third-party audit
- Were bugs fixed?
- How centralized is the protocol governance?
- How centralized are product updates?
Infrastructure
| Scoring | Techie |
|---|---|
| How much to run a node | + |
| Where are the nodes | + |
| Number of nodes/servers/ -> the larger the footprint the best privacy | + |
Data aggregation
| Scoring | Techie |
|---|---|
| no email or tel nr for signup | + |
| does not implement KYC or AML | + |
| What user information is stored? (username, IP address, last connection, wallets associate, etc) | + |
Traction
| Scoring | Techie |
|---|---|
| Amount of transactions | + |
| number of people using it | + |
Governance
| Scoring | Techie |
|---|---|
| DAO structure (if applied) | + |
Backlog
General
| Scoring | Techie |
|---|---|
| Immutability | + |
| Decentralised throughout, including hosting | + |
| Permissionless & accessible to all | + |
| Open-source | + |
Privacy policy
| Scoring | Techie |
|---|---|
| Privacy Policy content | + |
| Non-vague and non-intrusive privacy policy | + |
Storage
| Scoring | Techie |
|---|---|
| e2e encrypted LOCAL storage | + |
| Where is it stored? (centralized server, certain jurisdictions, on-chain, in browser/local cache) | + |
Privacy execution
| Scoring | Techie |
|---|---|
| p2p / no central server | + |
| Trustless - No ID required (this is where ZKs are useful) | + |
Testing
| Scoring | Techie |
|---|---|
| try to trace a transaction | + |
| Other tooling to verify e.g. block explorers | + |