How We Score Risk: Inside yieldwire's Security Methodology
10 min read | YieldWire

Most yield aggregators show you APY and TVL. We show you whether the protocol behind those numbers has a multisig, a timelock, or a history of exploits. Here's exactly how our security scoring works.

Tags: security, risk, methodology, scoring, solana

The Problem With Chasing APY

A pool shows 80% APY. You deposit. Three weeks later the protocol gets exploited and your funds are gone.

This happens more than it should. And it keeps happening because most yield dashboards treat all protocols the same. They show you a number and a TVL figure. That's it. No context on who controls the admin keys, whether there's a timelock on upgrades, or if the code has ever been audited.

We built yieldwire's security scoring system to fix this. Every protocol on yieldwire gets a score from 0 to 100 before you ever see its APY. Risk first, yield second.

This post explains exactly how the scoring works, what data feeds into it, and what the numbers mean in practice.

Two Layers of Scoring

Not all risk lives at the same level. A protocol can be well-audited with a robust multisig, but a specific pool on that protocol might still carry high impermanent loss risk or depend on a fragile oracle.

That's why we score at two layers:

Protocol Security Score (PSS) evaluates the protocol itself. Think of it as grading the team, the code, and the governance behind every product a protocol offers. This score applies to all pools from that protocol.

Vault/Pool Safety Score (VSS) evaluates the specific pool or vault you're looking at. A USDC lending pool on Kamino has a different risk profile than a SOL-USDC LP position on Raydium, even if both protocols score well on PSS.

The final score you see on yieldwire combines both:

Security Score = PSS x 60% + VSS x 40%

We weight PSS more heavily because protocol-level failures (hacks, rug pulls, compromised admin keys) tend to wipe out entire positions. Pool-level risks like impermanent loss are real but typically more gradual and recoverable.

What Goes Into the Protocol Security Score

PSS evaluates five dimensions, totaling 100 points.

Audits (up to 30 points)

Has the code been reviewed by independent security firms? How many firms? How recently?

A single audit from a recognized firm like OtterSec, Halborn, or Trail of Bits scores 12 points. Multiple audits from different firms push that to 20. Recent audits (less than 12 months old) and top-tier firms earn bonus points up to the 30-point cap.

Zero audits means zero points here. That's the reality for 58% of Solana DeFi protocols with TVL above $1M. Most of DeFi is running unaudited code.

Multisig and Governance (up to 25 points)

Who can upgrade the smart contracts? A single admin wallet? A 2-of-3 multisig? A 4-of-6 with publicly identified signers?

This dimension matters more than most people realize. Even an audited contract can be upgraded to something malicious if one person holds the admin key. A robust multisig (3/5 or higher) with known signers scores up to 20 points. On-chain governance with DAO voting adds up to 5 more.

Protocols with a single admin key get zero points here, regardless of how good their code looks.

Timelock (up to 20 points)

When the admin pushes an upgrade, how much notice do users get?

A timelock forces a delay between when an upgrade is proposed and when it takes effect. A 48-hour timelock means you have two days to withdraw your funds if you don't like what's coming. A 7-day timelock earns the full 20 points.

Here's the uncomfortable truth: of the top 10 Solana DeFi protocols by TVL, only Jupiter Lend has a publicly documented timelock (12 hours). The rest either have no timelock or haven't disclosed it. This is one of the biggest security gaps in the ecosystem right now.

Track Record (up to 15 points)

How long has the protocol been running on mainnet without incidents?

Time in production is a rough but useful signal. A protocol that has handled hundreds of millions in TVL for 24+ months without an exploit earns the full 15 points. A protocol that launched last month gets zero, no matter how good everything else looks.

Known exploits carry a penalty of -10 points (reduced to -5 if the team did a full reimbursement). Drift's $285M hack in April 2026 dropped it to an F grade. Loopscale's $5.8M exploit two weeks after launch did the same.

Transparency (up to 10 points)

Is the code open source? Are contracts verified on the explorer? Is there an active bug bounty?

Open source with verified contracts scores 6 points. An active bug bounty on Immunefi or similar adds 2 more. Complete technical documentation adds the final 2.

What Goes Into the Pool Safety Score

VSS evaluates the specific instrument you're considering, also totaling 100 points across five dimensions.

Liquidation Risk (up to 30 points)

This dimension only applies to lending positions. A conservative LTV cap (below 70%) scores 22 points. Aggressive LTV (above 80%) scores just 8. Pools without liquidation risk (staking, stablecoin LP) get the full 30.

Impermanent Loss Risk (up to 25 points)

Single-sided positions (lending, staking) score the full 25 since IL doesn't apply. Stablecoin pairs score 20. Correlated pairs like SOL/jitoSOL score 14. Uncorrelated pairs like SOL/USDC drop to 8, and high-volatility uncorrelated pairs score just 4.

Oracle Risk (up to 20 points)

Positions without external oracle dependencies (native staking) score 20. Pyth Network or Switchboard oracles score 15. Proprietary oracles score 7. If we can't determine what oracle a protocol uses, it scores 3.

TVL Depth (up to 15 points)

Larger TVL generally means more battle-testing and easier exits. Pools above $100M get 15 points. Between $10M and $100M gets 10. Below $10M gets 5 or less.

TVL isn't a safety guarantee. But when things go wrong, deeper liquidity means you're more likely to exit before the worst of the damage.

External Dependencies (up to 10 points)

Every external protocol your position depends on adds attack surface. Pure staking with zero dependencies scores 10. One dependency scores 7. Three or more dependencies score just 1. A Kamino vault that routes through Raydium inherits risk from both protocols.

The Grade Scale

Scores map to letter grades with color coding:

Score    Grade   Risk Level
85-100   A       Low Risk
70-84    B       Moderate-Low Risk
55-69    C       Moderate Risk
40-54    D       High Risk
0-39     F       Very High Risk

Right now, no protocol in our universe of 132 Solana DeFi protocols scores an A. The ecosystem average sits at 56.1, which is a C. Protocols with full research (HIGH confidence) average 70.2, a B.
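The rubric above, worked through as an added Python example (this is an illustration, not yieldwire's own code): it encodes the five PSS dimensions, the exploit penalty, the 60/40 blend with the VSS, the grade bands, and the flag override. The VSS is taken as an already-computed input, and the points for cases the post leaves between its stated endpoints (audit bonus sizes, multisigs weaker than 3/5, timelocks under 7 days, track records under 24 months, and the zero floor after a penalty) are assumptions.

```python
# Added illustration of yieldwire's PSS rubric and 60/40 blend; not yieldwire's code.
# Where the post gives only endpoints (bonus sizes, weaker multisigs, timelocks
# shorter than 7 days, under-24-month track records), the interpolation is assumed.

GRADE_BANDS = [(85, "A"), (70, "B"), (55, "C"), (40, "D"), (0, "F")]

def audits_points(firms: int, recent: bool = False, top_tier: bool = False) -> int:
    # 0 audits -> 0; one firm -> 12; several firms -> 20; bonuses capped at 30
    if firms == 0:
        return 0
    bonus = (5 if recent else 0) + (5 if top_tier else 0)  # bonus sizes assumed
    return min((12 if firms == 1 else 20) + bonus, 30)

def governance_points(threshold: int, signers: int, known: bool, dao: bool) -> int:
    # single admin key -> 0 whatever the code looks like; 3/5+ with known signers -> 20; DAO +5
    if signers <= 1:
        return 0
    base = 20 if (threshold >= 3 and signers >= 5 and known) else 10  # 10 is assumed
    return base + (5 if dao else 0)

def timelock_points(hours: float) -> int:
    # a 7-day timelock earns the full 20; shorter delays scale pro rata (assumed)
    return min(20, round(20 * hours / 168))

def track_record_points(months_live: int) -> int:
    # 24+ months in production -> 15; scaled linearly below that (assumed)
    return min(15, round(15 * months_live / 24))

def transparency_points(open_source: bool, bounty: bool, docs: bool) -> int:
    return (6 if open_source else 0) + (2 if bounty else 0) + (2 if docs else 0)

def protocol_security_score(p: dict) -> int:
    # sum the five dimensions, then apply the exploit penalty (-10, or -5 if reimbursed)
    pss = (audits_points(p["audit_firms"], p["audit_recent"], p["audit_top_tier"])
           + governance_points(p["threshold"], p["signers"], p["known_signers"], p["dao"])
           + timelock_points(p["timelock_hours"])
           + track_record_points(p["months_live"])
           + transparency_points(p["open_source"], p["bounty"], p["docs"]))
    if p.get("exploited"):
        pss -= 5 if p.get("reimbursed") else 10
    return max(0, pss)  # floor at zero is an assumption

def grade(score: float) -> str:
    return next(letter for floor, letter in GRADE_BANDS if score >= floor)

def security_score(pss: int, vss: int, flag: str = ""):
    # Security Score = PSS x 60% + VSS x 40%; HACK / ZOMBIE / UNGRADEABLE override the grade
    blended = round(0.6 * pss + 0.4 * vss, 1)
    return blended, (flag or grade(blended))
```

Feeding the same profile into both functions shows why a single admin key or a fresh exploit sinks an otherwise well-audited protocol to a D or F.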

Here's how the distribution looks across 132 tracked protocols:

Grade         Count   %
A (85-100)    0       0%
B (70-84)     19      14%
C (55-69)     60      45%
D (40-54)     46      35%
F (0-39)      7       5%

The 19 protocols with a B grade are what we consider "listable without reservations." These include Marinade (84), Jito (83), Kamino Lend (79), Sanctum (78), Jupiter Lend (75), and Orca (75).

Category Patterns

Different protocol categories carry different risk profiles. Here's what our data shows:

Category             Avg Score   Typical Risk
Staking Pools        73          Low
Liquid Staking       65          Low, no liquidation or IL
Liquidity Managers   66          Active IL + strategy risk
Lending              63          Medium, liquidation + oracles
Yield Aggregators    63          Medium, compounded risk
DEX / AMM            52          IL high in concentrated LP
Derivatives          50          High, leverage + oracles
Bridges              48          Very high, most exploited category in DeFi

Bridges score lowest on average because they're the most common exploit vector in DeFi history. Lending sits in the middle: well-understood risks, but oracle failures and liquidation cascades can cause real damage. Liquid staking scores highest because the risk model is simpler: no liquidation, no IL, just validator performance and smart contract risk.

What Gets Flagged

Three special flags override the normal scoring:

HACK means a protocol has suffered a recent exploit and shouldn't be considered until reconstruction is complete. Drift (score 37) and Loopscale (score 39) currently carry this flag.

ZOMBIE means a protocol is abandoned. Serum (score 38) still shows $15.6M in residual TVL from the FTX collapse, but the code is frozen and nobody is maintaining it.

UNGRADEABLE means we don't have enough data to produce a reliable score. 49 protocols fall into this bucket, all with zero audits on DeFiLlama and TVL below $50M. These are actually our biggest opportunity: original research where nobody else is digging.

Confidence Levels

Not all scores are created equal. We tag each with a confidence level:

HIGH confidence means we've done manual research: read the audit reports, verified the multisig on-chain, checked the timelock config, reviewed the incident history. 24 protocols have this level of research.

AUTO confidence means the score is generated from category profiles plus DeFiLlama audit data. It's a conservative estimate. 108 protocols use this. Many of them likely have audits or security features that aren't registered on DeFiLlama, so their actual security posture may be better than the score suggests.

We're working through the backlog. Any protocol that crosses $50M in TVL gets prioritized for HIGH confidence research.

How to Use This

The score shows up on every pool listing on yieldwire, right next to the APY. You can filter by grade to see only B-grade or higher protocols if you want to stay conservative.

On the pool detail page, you get the full breakdown: PSS and VSS separately, each dimension's contribution, plus the raw facts (which auditors, what multisig setup, timelock duration, incident history).

Some practical guidelines:

Conservative strategy: Filter for B grade or higher. Stick to lending and liquid staking. You're looking at Kamino, Jito, Marinade, Jupiter Lend, Orca. APYs in the 5-10% range for stablecoins, 6-8% for SOL staking.

Balanced strategy: Include C grade protocols with HIGH confidence scores. This opens up more yield options while still avoiding the unknowns. Use the yield calculator to model returns.

Aggressive strategy: You're comfortable with D grades and concentrated LP positions. Higher yields, but understand that you're taking on more risk. The score helps you know exactly where that risk sits.

What This Isn't

The security score is informational. It's not a guarantee, not financial advice, and not a substitute for your own research.

A B-grade protocol can still get exploited. An F-grade protocol might actually be fine but just hasn't published its audits. The score reflects what we can verify from public data, on-chain evidence, and direct research. It's a starting point, not an endpoint.

We update scores quarterly under normal conditions and immediately when there's an exploit, a significant governance change, or new audit information.

What's Next

We're expanding the scoring system in three directions:

First, deeper research on the 49 UNGRADEABLE protocols. Many of them have security features that just aren't documented anywhere public. We're reaching out to teams directly.

Second, historical score tracking. You'll be able to see how a protocol's security posture has changed over time, not just where it stands today.

Third, Ethereum and EVM chains. The same methodology applies. Different protocols, same risk dimensions.

The full methodology spec is public. If you're a protocol team and want to improve your score, the path is straightforward: get audited, set up a multisig, add a timelock, and document it all publicly. We'll update your score as soon as we can verify the changes.

Explore security scores for all 132 Solana DeFi protocols at yieldwire.xyz/security.


This scoring system is informational only. It does not constitute financial advice. Always do your own research before depositing funds into any DeFi protocol.
