ABOUT ZERØTRUST

The Trustless Index is an educational platform designed to help users understand and compare blockchain networks across key metrics that matter for decentralized systems.

OUR MISSION

To provide unbiased, educational content that helps users make informed decisions about blockchain networks based on objective technical metrics.

OUR APPROACH

We evaluate blockchains across six critical dimensions: trustlessness, decentralization, immutability, censorship resistance, speed, and ownership distribution.

SCORING METHODOLOGY

BLOCKCHAIN SCORING

Layer 1 blockchains form the base layer of DeFi. They aren't governed by a single contract, but by consensus mechanisms, validator economics, and governance structures. To evaluate their trustlessness, we score them on six key dimensions. Each is scored 1.0 (worst) to 10.0 (best), with the Final Score as the average. This rubric is distinct from the one used for Smart Contracts because blockchains and dApps face different risks.

Decentralization

10.0 ~ Tens of thousands of independent validators/nodes, geographically and jurisdictionally diverse, no single entity controls >5-10%.
7.0-9.0 ~ Thousands of validators/miners, some concentration (e.g., mining pools, LST dominance), but still broadly distributed.
4.0-6.0 ~ Hundreds of validators with material concentration (a few operators control >33%).
1.0-3.0 ~ Dozens or fewer validators, heavily centralized (e.g., one foundation/company appoints them).

Censorship Resistance

10.0 ~ No history of address freezes/blacklists at protocol level; validator set too broad for coordinated censorship.
7.0-9.0 ~ Resistant in principle but with some cracks, e.g., OFAC-compliant validators, MEV relays filtering.
4.0-6.0 ~ Centralized validator set makes collusion for censorship plausible; evidence of compliance steering.
1.0-3.0 ~ Protocol includes freeze/blacklist/clawback features or halts by design; censorship can be coordinated easily.

Immutability

10.0 ~ "Code is law" culture, no rollbacks, no admin keys, and no history of protocol halts. Hard forks only for forward upgrades, not state reversals.
7.0-9.0 ~ Strong immutability but with controlled upgrades (hard forks every year or so, EIPs, improvement proposals).
4.0-6.0 ~ Frequent upgrades, foundation-driven roadmaps, history of halts but no state rollbacks.
1.0-3.0 ~ Protocol halts, forced rollbacks, upgradable consensus logic by foundation.

Security

10.0 ~ Battle-tested consensus with billions of dollars at stake. No downtime, no successful 51% / consensus attacks.
7.0-9.0 ~ Strong record, but reliance on centralized infra (e.g., AWS outages), or small vulnerabilities patched without exploit.
4.0-6.0 ~ Documented downtime, validator liveness failures, or reorgs that disrupted users.
1.0-3.0 ~ Repeated halts, reorgs, or successful consensus-layer exploits.

Speed

10.0 ~ Sub-second block times, >10,000 TPS in real conditions, and no history of catastrophic halts.
7.0-9.0 ~ 2-5s block/slot finality, 200-2,000 TPS real throughput.
4.0-6.0 ~ Sub-15s blocks, ~50-200 TPS in practice; can lag under heavy load.
1.0-3.0 ~ 15-60s or longer to confirm; <50 TPS; clunky UX for DeFi.

Speed is included because user experience depends on how fast transactions confirm, but it's not a free win: high speed is often achieved by reducing validator numbers or centralizing consensus, which can weaken decentralization and immutability. In other words, chains that boast higher throughput may gain performance but lose trustlessness, while slower chains often protect security and censorship resistance through broader validator participation.

Distribution (Ownership)

10.0 ~ No premine, no foundation hoard, broad supply distribution across millions of holders.
7.0-9.0 ~ Mostly broad but with identifiable whales or concentrated early allocations.
4.0-6.0 ~ Heavy concentration (>50% supply linked to foundation, insiders, or VCs).
1.0-3.0 ~ Clear centralization: majority owned/controlled by one entity or small group.

Final Score

The Final Score is the average of the six metrics above. While all factors are weighted equally in the math, readers should note that Decentralization + Immutability are the most critical in assessing whether an L1 can be stopped or steered.

SMART CONTRACT SCORING

The Trustless Index evaluates smart contracts and protocols on five core dimensions of trustlessness. Each metric is scored from 1.0 (worst) to 10.0 (best). The Trustless score is the average of all five.

Our framework is designed to be absolute, not relative. That means HEX scoring 10.0 doesn't mean Aave "must" be close at 9.0 - it means HEX meets the maximum bar of immutability and Aave doesn't, regardless of popularity.

No Admin

10.0 ~ No admin keys, no owner functions, no multisigs, no governance hooks that can alter core logic.
7.0-9.0 ~ Only minimal, non-critical functions remain (e.g. fee routing, variable adjustments).
4.0-6.0 ~ Multisigs or DAOs can pause, upgrade, or otherwise interfere.
1.0-3.0 ~ Clear admin control; contract can be altered at will.

Immutable

10.0 ~ Finished product; bytecode is final, rules cannot change.
7.0-9.0 ~ Mostly fixed, but some configurable parameters.
4.0-6.0 ~ Upgradeable via proxy or governance.
1.0-3.0 ~ Fully mutable; upgrade hooks allow core logic to change freely.

No Proxy

10.0 ~ Contract deployed directly; no upgradeable proxy in place.
7.0-9.0 ~ Some auxiliary modules proxied, core immutable.
4.0-6.0 ~ Major functions proxied and upgradable by governance.
1.0-3.0 ~ Proxy controlled by admin/multisig; logic swappable at will.

Open Source

10.0 ~ Fully verified source code on-chain, open GitHub/GitLab repository, transparent deployment history.
7.0-9.0 ~ Mostly open, minor components unverified or obfuscated.
4.0-6.0 ~ Partial transparency, unverifiable helpers.
1.0-3.0 ~ Closed-source or non-verified bytecode.

Audited

10.0 ~ Multiple professional audits, long runtime, and active bug bounty programs. For immutable contracts, audits are evergreen.
7.0-9.0 ~ At least one professional audit plus runtime history, but active upgrade path means audits can expire.
4.0-6.0 ~ Single audit of limited scope or younger project with minimal track record.
1.0-3.0 ~ No known audit or unresolved critical issues.

Trustless Score

The final Trustless score is the arithmetic mean of the five categories above.

Notes on Interpretation

High Audit score ≠ perfect safety. Aave may score 9.0 for audits because it has many and runs a bug bounty, but since it's upgradeable, audits can "age out" as code changes. HEX, on the other hand, is immutable - so a single set of audits remains valid forever, justifying a 10.0.

No Admin & Immutable are weighted in perception. While mathematically all metrics are equal, readers should note that these two define the heart of trustlessness. A protocol with a 10 in Audited but a 1 in No Admin is not trustless.

EDUCATIONAL PURPOSE

This platform is designed for educational purposes only. Scores and ratings are based on technical analysis and should not be considered as investment advice. Always do your own research before making any decisions.