defirisk.co
rubric v1.7.0

Rubric changelog

Every material change to the rubric, reverse-chronological. Tagged in the public repo.

Latest: v1.7.0 | Released: 2026-05-12 | License: CC-BY 4.0

Every material change to the rubric is documented here. Versions are tagged in the public repo; entries link to the merged proposal and the resulting predicates.

A minor-version bump (e.g. v1.5 → v1.6) may flip letters without any evidence change. Affected assessments carry a rubric-shift note linking to the entry below.

v1.7.0 M1 v4 — severity-based scoring (Curve & Calibrate) 2026-05-12

  • Replaced the four-integer deterministic-lookup rubric with a severity-based score pipeline per PD-043. The letter is now derived from a 0–100 protocol risk score and a critical-flag count, not from category-color counts.
  • Per-category severity: each category receives a severity score (red × 3 + yellow × 1) / (assessed × 3) × 100. Gray factors are excluded from the denominator — data gaps neither help nor hurt the protocol.
  • Protocol risk score: core-five-weighted average of per-category severities (core-five weight 1.5×; all others 1.0×), plus a critical-red penalty of 5 pts per critical-flag red, capped at 15. Total score capped at 100.
  • Letter bands: F if critical_red_count ≥ 3 or score > 55; D if critical_red_count ≥ 2 or score > 35; C if score > 20; B if critical_red_count ≥ 1 or score > 12; A otherwise.
  • Single-category cap: after the natural letter is assigned, a core-five category with severity ≥ 60 caps the letter at D; severity ≥ 90 forces F regardless of natural letter. Cap constants: D=60, F=90. Cap reason shown on the protocol page.
  • Removed the gray_on_core_five A-eligibility gate, the TVL ≥ $100M and age ≥ 12 months A floors, and the per-category CAT_RED_THRESHOLD override map. Critical-flag counts and category colors remain available for display but no longer drive the letter directly.
  • Calibration/launch result: initial calibration used the pre-backlog cohort; the launch generated-data tree now contains 80 protocols under v1.7.0. Final grade distribution should be read from data/api/v1.7.0/index.json at release time.
  • API: data/api/v1.7.0/ is the canonical tree. The v1.6.0 folder is archived for rollback and version-comparison. New envelope fields: risk_score, category_severities, cap_applied, cap_reason.
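
The v1.7.0 pipeline from the bullets above, written out as an added Python example (not the project's compose.py or any code from its repo). Assumptions: the core five are the load-bearing categories named under v1.2.0, with hypothetical key names; a category whose factors are all gray is left out of the weighted average; cap_applied is a boolean meaning the cap changed the letter.

```python
from dataclasses import dataclass

# Assumption: "core five" = the five load-bearing categories listed under
# v1.2.0; these key names are hypothetical, not the project's identifiers.
CORE_FIVE = {"code", "governance", "oracle", "ops_history", "lineage"}
CAP_D, CAP_F, ORDER = 60, 90, "ABCDF"  # v1.7.0 cap constants; letters best to worst

@dataclass
class Category:
    name: str
    red: int = 0
    yellow: int = 0
    green: int = 0
    gray: int = 0              # data gaps: kept for display, never scored

    def severity(self):
        assessed = self.red + self.yellow + self.green
        if assessed == 0:
            return None        # assumption: an all-gray category is skipped
        return (self.red * 3 + self.yellow) / (assessed * 3) * 100

def grade(categories, critical_red_count):
    sev = {c.name: c.severity() for c in categories if c.severity() is not None}
    if not sev:
        raise ValueError("no assessed factors; letter cannot be computed")
    w = {n: 1.5 if n in CORE_FIVE else 1.0 for n in sev}
    avg = sum(sev[n] * w[n] for n in sev) / sum(w.values())
    score = min(100.0, avg + min(15, 5 * critical_red_count))
    letter = "A"
    if critical_red_count >= 3 or score > 55:
        letter = "F"
    elif critical_red_count >= 2 or score > 35:
        letter = "D"
    elif score > 20:
        letter = "C"
    elif critical_red_count >= 1 or score > 12:
        letter = "B"
    natural = letter           # the cap is applied after the natural letter
    name, worst = max(((n, s) for n, s in sev.items() if n in CORE_FIVE),
                      key=lambda p: p[1], default=(None, 0.0))
    if worst >= CAP_F:
        letter = "F"
    elif worst >= CAP_D and ORDER.index(letter) < ORDER.index("D"):
        letter = "D"
    capped = letter != natural
    return {"letter": letter, "risk_score": round(score, 1),
            "category_severities": {n: round(s, 1) for n, s in sev.items()},
            "cap_applied": capped,
            "cap_reason": f"{name} severity {worst:.0f}" if capped else None}
```

With a constructed protocol that is green everywhere except an oracle category holding 2 red, 1 yellow and 6 gray factors, the risk score is 11.1 (a natural A), but the oracle severity of 77.8 caps the letter at D.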

v1.6.0 Badge layer retired (superseded by v1.7.0) 2026-05-11

  • Retired the badge layer entirely (CHRONIC / EVENT / ARCH / CLEAN). Per PD-035 the UI no longer renders any badge; per PD-036 the backend no longer computes it. compose.py simplified to return {letter} only.
  • Dropped the headline_badge field from the envelope schema in data/api/v1.6.0/. The v1.5.0 API folder is frozen as a legacy snapshot.
  • Preserved unchanged the four-count letter rubric (critical-flag, red-category, yellow-category, gray-on-core-five), category-red integrity rule, single-factor-sufficient overrides, and letter-ineligible states. v1.5 lookup logic is preserved verbatim — only the badge surfacing layer is gone.
  • Active-incident state surfaces as a non-rubric presentation banner on the protocol detail page (per PD-033) drawn from the Cat 5 incident ledger. The structural letter grade is unaffected during incidents.
  • F079 (root-cause distinctness) continues to score at the factor level; only the CHRONIC rollup that consumed it is dropped.
  • Documented accessibility tradeoff: the canonical D3 design system uses color-on-tint patterns for letter pills and severity chips (e.g., grade-A green letter #118a4d on green tint #dff2e3 at 10.5px). These render at ~3.8:1 contrast — under the WCAG 2 AA 4.5:1 threshold for small text. The patterns are load-bearing for the design's editorial identity; tightening contrast would change the visual contract. Body-text tokens (--fg-3, --fg-4) were darkened in this release for AA compliance (5.2:1 / 5.0:1). An opt-in High-contrast mode (AA button in the header) toggles a data-prefer-contrast attribute that swaps grade colors + tints for AA-clean variants without changing the default visual contract — see Design system v1.1 below.

Design system v1.1 High-contrast mode (UI-only, no rubric change) 2026-05-11

  • Added an opt-in High-contrast mode toggle (AA button) in the top bar next to the theme switcher. When enabled, the page sets a data-prefer-contrast attribute on <html>, which swaps letter-grade foregrounds and tinted backgrounds for darker / lighter variants that pass WCAG-AA 4.5:1 on all small text. The preference persists via localStorage (rd-prefer-contrast) and applies on first paint to avoid FOUC.
  • Note: share-preview OG cards continue to use the canonical palette — they are server-rendered PNGs and do not inherit the per-user opt-in.
  • Note: the rubric version (v1.7.0) is unaffected — this is a UI-only milestone tracked under the design system, not the rubric.

v1.5.0 Cat 12 dissolved, yellow caps recalibrated 2026-04-23

  • Dissolved Cat 12 (Legacy / deprecated state) per PD-032. F166 → Cat 5 (Ops history); F167 → Cat 2 (Governance); F168 → Cat 9 (Post-deploy hygiene); F169 deleted outright. Cats 13/14 renumbered to 12/13. Net: 14 → 13 categories, 185 → 184 factors.
  • Tightened yellow caps proportionally to the new 13-category basis: B cap 11 → 10, C trigger 12 → 11. Preserves the same fraction of the category space (~77%) as the prior B/C boundary on 14 categories.
  • Left unchanged: the ★ critical-factor count (20) and the badge layer.

v1.4.0 Active-incident demoted from F-trigger to EVENT badge 2026-04-22

  • Demoted "active incident" from a direct F-trigger to an EVENT-badge-only signal. T-14 execution found the Aave v3 rsETH/Kelp and Compound v3 cases produced F grades on mature, structurally-sound protocols whose own architectural security was not at fault.
  • Added a category-red integrity rule so active events do not cascade into multiple factor-level reds.
  • Raised yellow caps on 8-protocol dry-run evidence to resolve residual C-compression. B cap 9 → 11; C trigger 10 → 12.
  • Promoted F180 (immutable oracle address with no admin-replaceable wrapper) from critical-CANDIDATE to ★. ★ count: 19 → 20.

v1.3.1 Clarifications 2025-11-02

  • Clarified the n/a treatment for protocols without an oracle dependency. No grade changes resulted.
  • Fixed two typos in the RD-F-018 evidence template.

v1.3.0 Verdict reviewers 2025-09-19

  • Introduced the two-reviewer requirement for verdict publication. All assessments since v1.3.0 carry both reviewer names in the page footer.
  • Formalised the conflict register; reviewers with a three-year material exposure to a protocol cannot grade it.

v1.2.0 Operational history weight 2025-06-08

  • Promoted operational history (Cat 5) to a load-bearing category. The five load-bearing categories are now: code, governance, oracle, operational history, fork/dependency lineage.
  • Defined the 12-month look-back window for operational evidence. Older incidents are footnoted but do not enter the grade.

v1.1.0 Appeals process 2025-03-21

  • Published the appeals process. Factor-level disputes are now resolved within a 14-day window.
  • Opened the rubric-dispute issue tracker for proposals against the rubric itself.

v1.0.0 Founding rubric 2024-12-01

Initial public rubric. Core categories defined, 168 evidence factors, 8 critical-factor predicates. Letter precedence F > D > C > B > A. Grading deterministic against citations.