Rubric & methodology
How the W3S Trust Mark assesses utility-token projects: a transparent, weighted rubric across nine axes, four published tiers, the evidence we require, and our conflict-of-interest, validity, suspension, and appeal policies. The Trust Mark is a private trust-readiness assessment — not a government license, an audit, or a guarantee of any exchange listing.
How scoring works
A reviewer scores each of the nine axes from 0 to 5 against the published criteria. Each axis carries a fixed weight; the weighted total is normalised to a 0–100 score. Scores are advisory inputs to a human certification decision, never automatic. A project must reach at least 60/100 to be certified.
Levels
The 0–100 score maps to four tiers:
60–69 / 100
Foundational trust-readiness: core utility, documentation, and disclosures are in place.
70–79 / 100
Solid trust-readiness with a credible team, legal posture, and security practices.
80–89 / 100
Strong, well-documented maturity across governance, treasury, and risk controls.
90–100 / 100
Institutional-grade readiness suitable for the most demanding partners and counterparties.
Below 60/100, a project is not certified; the reviewer returns a findings summary and the project may re-apply after addressing the gaps.
The nine axes
Each axis is weighted by its contribution to trust-readiness. Weights sum to 100.
Utility
15% · of the scoreWhether the token has a clear, documented utility/access function inside the project — and is not framed as an investment product, a speculative asset, or a payment currency.
Evidence required: Token-utility description, product/access mapping, and copy that avoids investment or return language.
Documentation
10% · of the scoreQuality, accuracy, and completeness of public documentation: whitepaper, docs, disclosures, and risk language.
Evidence required: Whitepaper/docs links, a changelog, and a plain-language risk disclosure.
Team identity
10% · of the scoreIdentifiability and credibility of the team and the operating entity behind the project.
Evidence required: A named team or verified entity, roles, and relevant track record; entity registration where applicable.
Legal posture
15% · of the scoreLegal posture and jurisdictional awareness, including disclaimers and any required reviews.
Evidence required: Counsel-reviewed terms/disclaimers, jurisdiction notes, and (where relevant) a legal opinion on token classification.
Security
15% · of the scoreSmart-contract and operational security posture, including independent review status.
Evidence required: Audit report(s) or audit-readiness evidence, contract source, and a vulnerability-disclosure path.
Treasury
10% · of the scoreTreasury structure and controls: custody arrangements, multisig, and transparency.
Evidence required: Treasury/multisig configuration, signer policy, and on-chain addresses where applicable.
Governance
10% · of the scoreDecision-making, change control, and accountability structures.
Evidence required: A governance description, a change-control process, and conflict-of-interest handling.
Operational maturity
8% · of the scoreOperational maturity: roadmap delivery, support, and continuity.
Evidence required: A roadmap with delivery history, support channels, and an incident/continuity plan.
Risk controls
7% · of the scoreRisk identification and mitigation, including compliance-awareness and disclosures.
Evidence required: A risk register or risk summary, mitigations, and jurisdiction/eligibility controls.
Conflict-of-interest policy
Web3 Serv may also provide services to projects it assesses. To protect the mark's credibility, every reviewer must declare and affirm no disqualifying conflict of interest before a certification is issued; the affirmation is recorded for audit. Reviewers with a material interest in a project are recused. The assessment is independent of any commercial relationship.
Validity & re-assessment
Certificates are issued for a fixed term of 6 or 12 months. After expiry, the project must be re-assessed against the current rubric to remain certified. Material changes to a project (token mechanics, team, treasury, or contracts) require re-assessment before expiry.
Suspension & revocation
A certificate may be suspended (a reversible hold pending review) or revoked (permanent) if a project misrepresents information, materially changes its risk profile, breaches the trust-readiness standard, or fails re-assessment. Suspensions and revocations — with their date and reason — are published on the public registry.
View the suspension & revocation registryAppeals
A project may request a review of a score, suspension, or revocation by contacting Web3 Serv within 30 days. A reviewer not involved in the original assessment re-examines the evidence and issues a final decision. The outcome and rationale are recorded.
A W3S Trust Mark and listing-readiness report are private Web3 Serv assessments. They are not an official government license, an ISO certificate, investment advice, or a guarantee of exchange listing.
Ready for assessment?
Submit your project for a transparent trust-readiness assessment against this rubric.