Based on the rules described further, every isolated pool is assigned one of five ratings:

• Rating A: Excellent (5)

• Rating B: Good (4)

• Rating C: Moderate (3)

• Rating D: High-risk (2)

• Rating E: Critical (1)

Numbers in brackets are assigned to each rank and are used for numerical operations with ranks (e.g., averaging).

The ratings are given for 2 factors:

• Manipulation Complexity

• Bad Debt

Minimal of two ratings is assigned to the pool. Total protocol rank is calculated by weighted average of pool ranks for each factor, rounded to the nearest value. Pool weights are set proportionally to their TVL for Manipulation Complexity ratings and proportionally to their Total Borrows for Bad Debt ratings.

Manipulation complexity

Our metrics in this category are based on the Manipulation Cost (MC). We define MC differently for pump attacks and dump attacks:

• For pump attacks, MC is defined as capital required for increasing the price of the MToken from the current price CurPrice to CurPrice / LT(T).

• For dump attacks, MC is defined as capital required for decreasing the price of the MToken from the current price CurPrice to CurPrice * LT(T) (where T is a token with maximal Liquidation Threshold other than MToken).

The logic behind this threshold is simple. The attacker is required to push the MToken price at least to the thresholds above to not take any loss in case they do not return the loan, without considering the manipulation cost.

The manipulation cost rating of a pool is set to the lowest of its Pump rating and Dump rating. For both Pump and Dump ratings, each asset in the pool which price oracle allows it to be manipulated (i.e. it is not set to a fixed value) will be considered as MToken, and the minimal resulting rating (over all pool tokens) is considered, respectively, as a Pump or Dump rating of the pool. Calculation rules in the next section are provided for a fixed MToken.

Dump attack ratings

We define the Value at Risk (VaR) of a pool as the USD value which could be seized in case of an attack if the protocol is functioning correctly. For Dump attacks, it is expressed as:

Limiting the supply with Supply Cap is not necessary when calculating risk for the current market state but comes to use when Additional Liquidity is introduced.

Rating rules are provided in Table 2:

Dump Attack: Rating Rules

Rating E is assigned in the case where Manipulation Cost is so small that it does not exceed VaR, therefore there is a possibility of profitable attacks. It is important to note that the assignment of this rating to a pool does not imply that there necessarily exists a profitable attack strategy (otherwise, this indicator would be exploited by malicious agents), but it indicates very high risk.

Other tiers express levels of confidence in the protocol's security. They are calibrated so that rating A is assigned to pools with high-liquidity assets and reasonable risk isolation.

Pump attack ratings

For pump attacks, we define Value at Risk (VaR) in several steps. First, for each token T, we define MaxBorrowable_T as:

Then we calculate this value for the entire pool:

The value of assets that can be borrowed against MToken as collateral is also limited by Supply Cap_(MToken) and LT_(MToken), which we denote with MaxBorrowingPower_(MToken):

Finally, the Value at Risk for pump attacks is calculated as:

Rating rules are more complex in the case of pump attacks. They reflect the notion of capital-intensive attacks and their effect on risk. In the first step, base ratings are assigned based solely on the Manipulation Cost indicator:

Pump Attack: Base Rating Rules

Rating A is absent in this table due to the fact that those ratings are assigned to pools that may be vulnerable to manipulation (which is demonstrated further). The higher the Manipulation Cost, the riskier the attack for the attacker and fewer actors possess such capital combined with malicious intents. Based on observed attacks, the required starting capital exceeds MC as per our definition by 5+ times. This maps rating B to the possibility of a profitable attack with very high capital requirements ($50M+), while rating E depicts vulnerabilities to low-capital attacks (<$5M).

Once the base ratings are calculated, we move them up or down based on this set of rules:

Pump Attack: Rating Adjustments

If the Manipulation Cost exceeds the Value at Risk, we adjust the base rating by moving it up (e.g., B+1 = A) the number of ratings proportional to the level of confidence. There is a special case where we reduce the base rating.

The rating rules are calibrated so that rating A is assigned to pools with high-liquidity assets and reasonable risk isolation, and rating E signals the urgent need to change the protocol's risk parameters or even halt the pool.

Bad debt

Bad debt is defined as a loan which is not backed by any collateral. It naturally occurs in correctly functioning lending protocols due to liquidations being unprofitable for low-value positions in condition of high network commissions. However, large amounts of bad debt are indicating sub-optimal risk parameters such as liquidation incentive and/or price manipulation or other attacks.

• Max Bad Debt is defined as the maximal amount of debt not backed by collateral. For example, Max Bad Debt for two undercollateralized positions with [$1.1M, $1.05M] and [$300K, $100K] of loan and collateral respectively will be equal to $200K (and not $50K, despite the first position having a higher total loan value).

• Debt Percentage is defined as the ratio of bad debt to Total Supply. For example, Debt Percentage for two positions with [$1.1M, $1.05M] and [$300K, $500K] of loan and collateral respectively and additional $1.4M supplied liquidity will be equal to ±1.78% (see formula below).

In order to correctly support 1-to-1 stablecoin lending pools (such as Maker's DAI/USDP), we tolerate up to 1% price fluctuations before assigning bad debt status for a position. For example, $199M DAI backed by $198M USDC would not be considered as $1M of bad debt, as this difference is most likely based on the market price of both assets deviating insignificantly from $1.

Rating rules are provided in the following table:

The table is calibrated so that rating A is assigned to protocols that have been adequately operating under extreme market conditions, which inevitably leads to the accumulation of bad debt. The Debt Percentage threshold is also low enough, in this case, to not have a significant influence on liquidity providers' PnL, and bigger undercollateralized positions are tolerated, given they do not make up for a large share of the protocol's TVL.

Ratings B and C reflect degrees of concern on the protocol's liquidation mechanics or/and loss reimbursement. Generally, those protocols are safe to deposit liquid tokens into

Ratings D and E are assigned to pools with large (5% to 20%) and very large (>20%) shares of bad debt, indicating severe exploits and loss for liquidity providers. Those pools are typically frozen for deposits and borrows.