Improve your Veral score.

AI-Agent example: put the agent under a Safe multisig as the named owner and front the upgradeable proxy with a timelock — an AI-Agent that can be silently re-pointed by a lone EOA never clears M1.

1. 01Safe multisigPrimary contributiontrust L3

   Operate through a Safe multisig with a threshold of at least 2 of 3 trusted signers.

2. 02EAS attestationsHightrust L2

   Collect EAS attestations from recognized issuers — audit firms, registries, or trusted issuers.

3. 03Upgradeability (proxy + timelock)Hightrust L3

   Make upgradeability accountable: use a timelock and a multisig admin, never a lone EOA on an upgradeable proxy.

AI-Agent example: publish the ERC-8004 Trustless Agents registry anchor for this agent and back it with a Farcaster verification on the controlling address — the registry membership is the L3 identity gate for AI-Agent subjects.

1. 01Cross-binding (ENS to GitHub back-link)Hightrust L2

   Add your ENS name to your GitHub bio (or a pinned gist) so the link is mutually verified — this lifts your developer evidence from self-asserted (L1) to corroborated (L2). A missing back-link is never penalized; it stays unverified until you add it.

2. 02erc8004Hightrust L3

   Make this signal verifiable from a public source.

3. 03FarcasterHightrust L1

   Set up a Farcaster account, verify the controlling address, and post regularly so the social graph carries signal.

4. 04Gitcoin PassportModeratetrust L1

   Build a Gitcoin Passport above the humanity threshold by collecting verifiable identity stamps.

5. 05LensModeratetrust L1

   Create a Lens profile, bind it to the controlling address, and accumulate followers and publications.

6. 06POAPModeratetrust L1

   Collect POAPs from a diverse set of independent events — the anti-vanity floor rewards breadth.

7. 07ENS native recordsMinortrust L1

   Populate native ENS text records: avatar, url, com.twitter, com.github, description, and other identity facets.

AI-Agent example: deploy the agent contract to Ethereum mainnet (or a recognised L2) under the same controller as the ENS name, with weeks of real on-chain activity — an AI-Agent with no on-chain footprint reads as scaffolded.

1. 01Ethereum mainnetHightrust L3

   Point the name at an ETH address with real on-chain activity.

2. 02ENS (internal)Hightrust L3

   Configure ENS: forward and reverse resolution, primary address, and subnames where applicable.

3. 03SourcifyHightrust L3

   Verify your contracts on Sourcify (and Etherscan).

4. 04L2 deploymentsHightrust L3

   Deploy to multiple L2s (Base, Optimism, Arbitrum) and bind the same controller across them.

5. 05DefiLlamaModeratetrust L3

   List the protocol on DefiLlama with accurate TVL, category, and audit references; keep the entry maintained.

AI-Agent example: if the agent participates in restaking, register as an EigenLayer operator so the DelegationManager probe returns a public stake — M4 is conditional so an AI-Agent that does not handle funds is not penalised, but an AI-Agent that does must show it.

1. 01EigenLayerPrimary contributiontrust L3

   Register as an EigenLayer operator or AVS so restaking participation is publicly readable on the DelegationManager.

AI-Agent example: route the agent through a diverse, non-circular counterparty set — sybil clusters and wash patterns against the agent address are lock-blocking detectors that no positive AI-Agent signal can offset.

1. 01Counterparty diversity (sybil + wash detection)Primary contributiontrust L3

   Transact with a diverse, non-circular counterparty set; sybil clusters and wash patterns are lock-blocking detectors.

AI-Agent example: verify the agent contract source on Sourcify and link the repo via the com.github ENS text record — an AI-Agent whose code path is unverifiable cannot be reasoned about.

1. 01GitHubHightrust L1

   Link your code: set the com.github ENS text record to your GitHub org or user.

2. 02Code4rena (and equivalent audit firms)Hightrust L2

   Commission an external audit (Code4rena, Trail of Bits, or equivalent) and publish the findings report.

3. 03npm / PyPIHightrust L1

   Publish your client SDK or tooling to npm or PyPI under a maintained, low-vulnerability package.

4. 04Etherscan / BlockscoutHightrust L3

   Publish a verified source match on Etherscan or Blockscout for every deployed contract.

5. 05ImmunefiModeratetrust L2

   Stand up an Immunefi bug bounty program with a competitive ceiling so external researchers can report responsibly.

6. 06The GraphModeratetrust L3

   Publish indexed subgraphs on The Graph Decentralized Network so downstream consumers can read your protocol state.

AI-Agent example: stand up Tenderly monitoring on the deployed agent contracts with alert rules — runtime transparency is the floor signal that signals an actively maintained AI-Agent.

1. 01TenderlyPrimary contributiontrust L3

   Wire up Tenderly monitoring with alert rules on the deployed contracts; transparency about runtime is a credibility signal.

2. 02Token registriesPrimary contributiontrust L2

   Submit your token to recognized public registries (CoinGecko, Trust Wallet assets, Uniswap default list) with consistent metadata.