explorer/Web3privacynowplatform/scoringmodel/Scoring 1.2 community reflection.md
2023-12-06 16:46:43 +01:00

5.1 KiB

Community feedback x our Scoring model 1.2 version.

Main goal: to have an MVP on how non-techies could analyze if the project is private or not (think of "IMDB" or "L2beat" for privacy)

Sub-goal: to have a more objective scoring model made in collaboration with the privacy community.

Context:

  • Persona: a web3 casual user without dev knowledge & privacy illiterate. He/she/they has limited time for research & needs to perform simple steps to ensure that service is private.
  • Assessment categories: we broke down analytics flow into 2 main categories: validity track (quick check-up) & DYOR (do your own research that requires more time & subjective opinion).

Sandbox: DeFi category that has been analyzed

How to use sandbox?

  1. Read takeaways.
  2. Give us feedback via general comments in the Community on Signal or make a Pull request here.
  3. You can always explore 38 DeFi project' assessment here

Scoring model 1.2: validity track

Validity track covers GitHub, Product-readiness, Team, Docs, Audit.

Note: quick assessment helps to decrease privacy dark patterns from obscure language to test-net claiming it has a "state of art privacy". alt text

We use % as a simplified way to prototype scoring model (from % to 100%). Later versions will include a mixmodel of %, yes/no assumptions & much complex observations. alt text

Practical examples

100% scoring

Project GitHub Product-readiness Team Docs Audit Score
RAILGUN Github live (Public) Docs 5 audits 100%

0% scoring

Project GitHub Product-readiness Team Docs Audit Score
Sienna Network 🚩LOW (GitHub) 🚧 anon Docs 🚩 2022: 9 audits 0%
Silent protocol - 🚧 anon - - 0%
Common - 🚧 anon - - 0%
CIA protocol - 🚧 anon - - 0%

38 projects from the privacy x DeFi category were scored here

Red flag examples

Poor GitHub

alt text

https://github.com/Hurricane-Protocol

Outdated Audit

🚩check: date; result: outdated (1 year+) alt text https://docs.definer.org/v/copy-of-definer.org/security/audits

Marketing docs

🚩check: language (verbal & visual), if it's for developers & how complex (# of pages) it is; result: marketing - non-technical

https://shadecash.gitbook.io/shadecash/token/token-and-distribution

https://shadecash.gitbook.io/shadecash/get-started/how-to-withdraw-relayer

Sunset

🚩check: the last updates; result: inactive since 2021

http://coinbook.app

alt text

https://twitter.com/coinbook_com

Team

🚩check: public team; result: anon

https://ciaprotocol.com/#about

Summary

alt text