Tiers & Disqualifications

Tier Definitions

Tier	Score Range	Profile
Prime	8.0 – 10.0	Mature code, multiple audits, simple strategy, timelocked governance, no recent incidents
Core	5.0 – 7.9	Audited with shorter track record, moderate complexity, or permissive governance
Edge	0.0 – 4.9	Unaudited, <6 months live, complex aggregation, or recent incident

Tiers are relative risk classifications, not recommendations. Prime does not mean "safe" — it means strongest observable security characteristics among tracked vaults.

Hard Disqualifications

These rules override the composite score calculation:

No Audit → Forced Edge

If the deployed protocol version has no audit, the vault score is capped at 4.9 (Edge tier). This is the single most impactful override in the model.

No audit means:

No security audit report exists for the specific deployed version
An audit of a different version does not count
The protocol may be audited, but the specific contract version is not

Multiple Zero Sub-Scores → Forced Edge

If 2 or more risk sub-components score exactly 0, the vault is forced to Edge tier. This prevents a vault from achieving a high composite score while having critical gaps.

Single Zero → Cannot Reach Prime

If any single sub-component scores 0, the vault cannot achieve Core tier or above. A zero in any dimension indicates a critical risk gap.

Override Rules Summary

Condition	Effect
Unaudited protocol version	Score capped at 4.9 (forced Edge)
2+ sub-scores at zero	Forced Edge
Any sub-score at zero	Cannot reach Core
Incident < 30 days	Platform capped at 2 (forces Edge)
Incident 30-90 days	Platform capped at 5 (forces Core max)

Warning Indicators

Beyond tier classification, vaults can have warning flags:

Warning	Threshold
Low TVL	< $100,000
New vault	< 1 month old
Recently deployed	< 3 months old
Stale audit	Audit > 18 months old
Outperforming APR	> 5× category average