Across the vibrant DeFi landscape are a wide array of different products, protocols and smart contracts all coming with their own inherent risk. Up until now, there have been little tools to assess this risk, largely forcing users to make educated guesses on where they can trust their money to be used.

Today, we saw a big step in the right direction with the launch of Inspect – an open-source registry dedicated to protocol transparency in DeFi, tracking all public audits, admin key details, oracle dependency and on-chain activity.

New product launch 🚀 From the team that brought you the @ConsenSysCodefi DeFi Score:https://t.co/o3wEt0Z5WF Inspect is an open source registry dedicated to protocol transparency in DeFi, tracking all public audits, admin key details, oracle dependency and on-chain activity. — Jordan Lyall (@JordanLyall) April 6, 2020

Built by the team who brought us the DeFi Score, Inspect offers a novel piece of risk management infrastructure for the wider DeFi ecosystem to mature.

What Does it Do?

Inspect aggregates different lending protocols and provides insights into important characteristics which help better establish a framework for the degree of decentralization and security each project presents. At inceptions, Inspect currently covers Aave, Compound, DDEX, dYdX, Fulcrum, Maker and Nuo. The different characteristics include:

Smart Contract Audits – The quantity of proactive code audits from reputable firms. Theoretically, the more audits, the more secure the underlying contracts.

Timelock – The predefined period of time necessary for major smart contract changes to be implemented.

Multisig – Taking into account how many parties are necessary for the protocol to transfer funds out of smart contracts. Those with a higher signature threshold are likely to require more consensus and be harder to game.

Last Event – The last onchain transaction an admin made.

DeFi Score – A unique score which assesses the security of different assets across unique lending protocols. The score is an aggregated average of all the assets supported on the platform.

As one might have expected, the project with the highest degree of trust (as indicated by the number of audits and highest DeFi score) are Maker and Compound. On the flip side is a project like Nuo which has only had 1 audit, does not a multi-sig address and has a DeFi Score of under 5.

Why Does This Matter?

Moving forward, we largely expect different projects to incorporate tools like Inspect into their projects when it comes to providing end-users with the capacity to choose between different lending protocols. As we saw with the recent lending integration in Coinbase Wallet, Compound and dYdX were the first to be chosen – perfectly in line with the higher score on Inspect.

We hope that the competitive nature of the score will encourage other lending protocols to up their security and reduce their trust vectors but for now, this is a fantastic step in the maturity of DeFi at large.

Words From the Creator

Not too long ago, we sat down with Jordan Lyall – a project lead at CodeFi responsible for the creation of the DeFi Score and Inspect. We’re pulled a select few portions of that interview to provide some context on this product and their wider vision.

What were the early day of CodeFi like?

Well to start, we were actually building a product called Alloy which was meant to act as an interface into DeFi – basically a DeFi dashboard. Not to shortly after, we recognized the “dashboard” space was pretty created. There were a number of mobile wallets and projects like Zerion that had great products but they were all missing one thing – risk.

If DeFi is ever going to scale to crypto noobs, we need to incorporate things like risk for them to be aware of what they’re interacting with. In talking to our users – both current and those limited to things like Coinbase – it became obvious that their approach to DeFi is “I see I can get X% here and Y% here”. But, what they couldn’t find was – Why are the interest rates different and what is the level of risks associated with them?

It was illogical to expect new users to see the differences in protocol risks, so we pivoted towards providing a metric to educate users on the risk(s) they’re taking. The first prototype was called the “risk score” and during our following user testing, people were pointing out the importance of risk metrics – specifically in the form of a score.

It was at that point that we put Alloy on hold and double-downed on the risk scoring framework which is now formally known as the DeFi Score.



Who’s the target user for these products?

Our product is open-sourced and uses Python – allowing anyone to pull data programmatically. With that in mind, our “users” are those who find this data valuable. From dApps to portfolio products, wallets, etc. – Anyone who has end-users which display an open balance can benefit from integrating our products

From what we’ve seen to date, products are most interested in taking these metrics and showing them to their end-users. This helps aide in opportunity comparisons and while tools like Zerion are great when you’re exploring different lending rates, there’s additional value in showing that user a level of risk they’re about to enter.



From a development perspective, we’ve found that people like to use our score programmatically. Robo-advisor like RAY, Idol or Outlet can use the score to rebalance based on something more than the highest interest rates. Smart contracts are currently looking to see what the highest interest rates are, but rather than blindly jumping after rates – what if it were more weighted and took risk into account?

With that, products can build a deeper profile and judgement for rated return.

Closing Thoughts

In summary, it’s awesome to see a project going full steam ahead on risk management. While many other players are chasing the highest returns and looking to unlock new yield opportunities, players like CodeFi are playing a crucial role in the assessment and diligence of the protocols being widely used today.

Is the DeFi protocol audited? Do devs have ability to change code? Is there a timelock delay for changes to take place? Inspect by @ConsenSysCodefi answers these questions Aggregated protocol transparency DeFi keeps leveling up Check it:https://t.co/td2L6HjiCv — Ryan Sean Adams – rsa.eth (@RyanSAdams) April 6, 2020

If you or your project are interesting partnering with any of the aforementioned products, we recommend checking out their Github or getting directly in touch with Jordan.

To stay up on all things CodeFi, be sure to follow their official Twitter here.