How we read a contract.
What we claim. What we don’t.
While we deploy six independent engines and a battery of reputation databases to do the heavy lifting, the final “GhostScore” isn’t just the output of a cold algorithm. We recognize that machines are excellent at counting, but rather hopeless at judging.
Every score is tempered by human ingenuity, the kind of “proof of work” that a paying client deserves. This page serves as our source of truth: detailing the mechanics of what we measure, while acknowledging the vital gap where automated reads end and human discernment begins.
After all, if you want to engineer trust, you can’t just rely on a motherboard; you need someone who understands the messy, brilliant psychology of the person on the other side of the screen.
Six engines. Partners. Authorities. AI consensus. Other proprietary checks.
A GhostLabs read isn’t a single tool running checks in sequence. It’s six independent analyses running concurrently, cross-referenced against partner intelligence and regulatory databases, then synthesized by an AI consensus engine that reads what individual tools cannot. One score. One verdict.
AI Consensus Engine
An AI-powered analysis layer that synthesizes outputs from all engines into a unified threat assessment. Cross-references findings, resolves contradictions between probes, and applies adversarial reasoning at machine speed, 24/7, with zero human bottleneck.
External Audit Partners
For high-value engagements, findings are cross-validated with vetted third-party audit firms. Independent verification from a separate methodology eliminates single-source blind spots and strengthens the final verdict.
Regulatory & Sanctions Checks
Real-time screening against OFAC and EU sanctions lists and the FATF high-risk jurisdiction lists, plus local regulatory databases across jurisdictions. Flags sanctioned addresses, mixer-tainted funds, and entities under active enforcement action.
Source & Bytecode Analysis
AST parsing, control-flow analysis, pattern matching against thirty-plus exploit signatures (reentrancy, integer overflow, unchecked external calls, delegatecall hijacking, hidden mint, blacklist functions).
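What the pattern-matching step looks like in practice, as an added example rather than GhostLabs' own engine or a Slither/Mythril rule: a small heuristic scanner that flags two of the signatures named above, reentrancy and hidden mint, over a constructed vulnerable contract and its hardened twin. The regexes, function names and both sample contracts are this example's own.

```python
"""Heuristic exploit-signature scan over Solidity source (added example; not
GhostLabs' engine or a Slither/Mythril rule). Two of the page's signatures:
reentrancy = low-level external call followed by a state write in the same
function; hidden mint = a function that raises totalSupply under a name that
does not say "mint" (a gated, named mint is reported at lower severity).
The two contracts below are constructed for this example.
"""
import re

FUNC_RE = re.compile(r"function\s+(\w+)\s*\([^)]*\)\s*([^{;]*)\{")
CALL_RE = re.compile(r"\.call\s*(?:\{[^}]*\})?\s*\(")  # e.g. msg.sender.call{value: x}("")
DECL_RE = re.compile(                                  # contract-level state variable
    r"^\s*(?:mapping\([^;]*\)|u?int\d*|address|bool|bytes\d*|string)"
    r"\s+(?:public|private|internal)?\s*(\w+)\s*(?:=[^;]*)?;", re.M)
SUPPLY_RE = re.compile(r"\btotalSupply\s*\+=|\b_mint\s*\(")

SAMPLE_VULNERABLE = """
contract Vault {
    mapping(address => uint256) public balances;
    uint256 public totalSupply;
    address owner;

    function deposit() external payable { balances[msg.sender] += msg.value; }

    function withdraw(uint256 amount) external {
        require(balances[msg.sender] >= amount, "insufficient");
        (bool ok, ) = msg.sender.call{value: amount}("");   // interaction first
        require(ok, "send failed");
        balances[msg.sender] -= amount;                    // effect after: reentrant
    }

    function rebalance(address to, uint256 amount) external {
        balances[to] += amount;
        totalSupply += amount;                             // supply grows, name hides it
    }
}
"""

SAMPLE_HARDENED = """
contract Vault {
    mapping(address => uint256) public balances;
    uint256 public totalSupply;
    address owner;
    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    function deposit() external payable { balances[msg.sender] += msg.value; }

    function withdraw(uint256 amount) external {
        require(balances[msg.sender] >= amount, "insufficient");
        balances[msg.sender] -= amount;                    // effect first
        (bool ok, ) = msg.sender.call{value: amount}("");   // interaction last
        require(ok, "send failed");
    }

    function mint(address to, uint256 amount) external onlyOwner {
        balances[to] += amount;
        totalSupply += amount;
    }
}
"""


def functions(src):
    """Yield (name, header, body) per function, pairing braces by hand."""
    for m in FUNC_RE.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), m.group(2), src[m.end():i - 1]


def state_vars(src):
    """Names declared at contract level: strip function bodies, then match."""
    outside = src
    for _, _, body in functions(src):
        outside = outside.replace(body, "")
    return set(DECL_RE.findall(outside))


def scan(src):
    """Return findings as dicts with signature, function and severity."""
    names = sorted(state_vars(src)) or ["__no_state__"]
    write_re = re.compile(r"\b(?:%s)\b(?:\[[^\]]*\])*\s*(?:\+=|-=|\*=|=(?!=))"
                          % "|".join(map(re.escape, names)))
    findings = []
    for name, header, body in functions(src):
        call = CALL_RE.search(body)
        if call and write_re.search(body, call.end()):
            findings.append({"signature": "reentrancy", "function": name, "severity": "critical"})
        if SUPPLY_RE.search(body):
            hidden, gated = "mint" not in name.lower(), "onlyOwner" in header
            findings.append({"signature": "hidden-mint" if hidden else "mint-capability",
                             "function": name,
                             "severity": "critical" if hidden or not gated else "medium"})
    return findings
```

The hardened Vault moves the balance write ahead of the external call (checks-effects-interactions) and gates minting with onlyOwner, which drops the reentrancy finding and downgrades the mint from a critical hidden-mint to a medium mint-capability flag, the "unrenounced ownership with mint capability" case the CAUTION label describes. A regex scanner of this kind is a triage signal, not proof: it cannot see calls made through interfaces or reentrancy that crosses functions, which is why the page pairs static analysis with behavioural history and model interpretation.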
Large-Model Interpretation
Claude-class models read the contract end-to-end and explain its intent in plain language. Catches non-pattern behaviours and tokenomics structures that static analysis misses.
Behavioural History
Live state of the contract on its native chain. Owner address activity, liquidity pool depth and lock status, holder distribution, suspicious transfers, proxy upgrade history.
Four Databases
Cross-references against curated rug-pull databases, exploit incident registries, sanctions lists, and a proprietary deployer-history graph (which devs have shipped which contracts and what happened to them).
Tokenomics Health
Supply distribution, vesting schedules, trading restrictions, fee mechanics, max-tx and max-wallet limits, treasury controls. Surfaces the manipulation vectors that source-code analysis alone cannot see.
Continuous Upgrade Detection
For monitored contracts only. Polls each contract every cycle, flags changes (proxy upgrades, implementation swaps, owner rotations) and re-scores the contract within fourteen seconds.
The Anatomy of a Verdict: Why Trust Requires a Soul in the Machine.
A score that arrives via a “black box” is not a service; it’s an oracle, and oracles are notoriously prone to hubris. At GhostLabs, we treat the assembly of a GhostScore as an act of Institutional Alchemy.
We start with the cold, unblinking logic of six independent engines, because machines are better at counting than humans. But we don’t stop there. We layer on “Partner Intelligence” and “Regulatory Screening” to provide context that a motherboard simply cannot grasp.
Finally, an AI consensus layer applies Adversarial Reasoning at machine speed, testing assumptions and resolving contradictions across all six engines simultaneously. We don’t just calculate a weighted average; we engineer a consensus. If an AMM contract is being judged, we tilt the scales toward Tokenomics Health, because in marketing as in math, relevance is the ultimate multiplier.
The five action labels
- EVACUATE (0–30). Direct path to loss of user funds. Potential honeypots, active exploits, hidden mints, blacklist-and-trap mechanics, malicious upgrade authority. Covers Tiers 1–3: Total Asymmetry, Exit Liquidity, Literary Fiction.
- CAUTION (31–50). Significant risk requiring trust assumptions. Unrenounced ownership with mint capability, mutable fee structures with no upper bound, heavy off-chain marketing masking structural issues. Covers Tiers 4–5: Synthesized Hype, The Mediocracy.
- OBSERVE (51–60). Operational concerns or reduced defensive depth. Code works as advertised but lacks polish. No critical findings, a few medium-severity flags. Covers Tier 6: Accidental Competence.
- SECURE (61–80). Solid implementation. Low and informational findings only. Liquidity locks visible, owner privileges minimised or renounced, healthy holder distribution. Covers Tiers 7–8: The Rational Choice, The Alpha Signal.
- INSTITUTIONAL (81–100). Best-practice implementation. Multi-sig governance, time-locks, proper upgrade patterns, transparent treasury controls. Zero critical findings. Covers Tiers 9–10: Legacy Potential, The Gold Standard.
Empirically calibrated weights
The GhostScore uses a five-pillar, 100-point framework. Pillar weights are not arbitrary; they are derived from a regression analysis of 340+ exploit incidents between 2021 and 2026, totalling $4.3 billion in losses. The most significant finding: governance failures account for roughly the same share of aggregate exploit losses as code failures. Security and Team & Governance therefore share the highest weight band. Tokenomics and Value occupy the middle band. Health carries the smallest weight.
A non-linear amplifier penalises projects that fail multiple critical-threshold questions, ensuring that one clean pillar cannot mask systemic risk elsewhere. Hard overrides cap the score for potential honeypots, sanctioned addresses, and active exploits.
For the full research paper on our calibration methodology, empirical findings, and the amplifier design, read The GhostScore: A 100-Point Framework for Smart Contract Risk →
Weighting principles
- On-chain history weighs heavier than source-code analysis when source is unverified.
- Reputation database hits (deployer with rug history) override otherwise-clean code analysis.
- Tokenomics structure weight scales with the contract’s liquidity-extracting potential.
- Time decay: an older contract with no incidents scores incrementally higher than a freshly-deployed equivalent.
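How the pieces above combine, as an added worked model rather than GhostLabs' code (the page does not publish its weights, so every number here is an assumption): five percent-weighted pillars, the AMM tilt toward Tokenomics, a superlinear penalty for multiple failed critical-threshold questions, hard caps for honeypot, sanctioned and active-exploit findings, a cap for deployer rug history, a small time-decay bonus, and the label ranges from the section above. The class, function and constant names are this example's own.

```python
"""Worked model of the five-pillar score, the amplifier, the overrides and the
action label.

Added example, not GhostLabs' code. The page fixes the bands (Security and
Team & Governance highest, Tokenomics and Value middle, Health lowest), the AMM
tilt toward Tokenomics, the amplifier's purpose, the hard overrides, the
deployer-history override, time decay and the label ranges. Every number below
(percent weights, penalty curve, caps, decay rate) is an assumption chosen to
make the structure visible.
"""
import math
from dataclasses import dataclass, field

# Assumed percent weights inside the page's bands; each set sums to 100.
WEIGHTS = {
    "token": {"security": 30, "governance": 30, "tokenomics": 15, "value": 15, "health": 10},
    "amm":   {"security": 25, "governance": 25, "tokenomics": 25, "value": 15, "health": 10},
}
HARD_CAPS = {"honeypot": 30, "sanctioned": 30, "active_exploit": 30}  # assumed: pinned to EVACUATE
RUG_HISTORY_CAP = 50      # assumed: a deployer with rug history cannot score above CAUTION
LABELS = [(30, "EVACUATE"), (50, "CAUTION"), (60, "OBSERVE"), (80, "SECURE"), (100, "INSTITUTIONAL")]


@dataclass
class Read:
    pillars: dict                   # pillar name -> 0..100
    critical_failures: int = 0      # failed critical-threshold questions
    overrides: set = field(default_factory=set)
    deployer_rug_history: bool = False
    days_live_clean: int = 0        # age with no incidents
    contract_type: str = "token"


def weighted_base(pillars, weights):
    """Integer arithmetic until the final division keeps the result exact."""
    return sum(pillars[name] * w for name, w in weights.items()) / 100


def amplify(score, failures):
    """Non-linear amplifier: the penalty grows faster than the failure count
    (assumed 10 * n**1.5: 10, 28.3, 52.0), so one high pillar cannot average
    away several critical failures."""
    return max(0.0, score - 10 * failures ** 1.5) if failures else score


def time_decay_bonus(days):
    """Assumed: +1 point per 73 incident-free days, capped at +5."""
    return min(5, days // 73)


def label_for(score):
    return next(name for ceiling, name in LABELS if score <= ceiling)


def ghost_score(read):
    weights = WEIGHTS.get(read.contract_type, WEIGHTS["token"])
    score = weighted_base(read.pillars, weights)
    score = amplify(score, read.critical_failures)
    score += time_decay_bonus(read.days_live_clean)
    # Overrides are caps, not weights: clean code elsewhere cannot lift them.
    for flag in read.overrides:
        score = min(score, HARD_CAPS[flag])
    if read.deployer_rug_history:
        score = min(score, RUG_HISTORY_CAP)
    score = math.floor(max(0.0, min(100.0, score)))
    return score, label_for(score)


if __name__ == "__main__":
    clean = {"security": 85, "governance": 85, "tokenomics": 85, "value": 85, "health": 75}
    print(ghost_score(Read(clean, days_live_clean=200)))        # (86, 'INSTITUTIONAL')
    print(ghost_score(Read(clean, overrides={"honeypot"})))     # (30, 'EVACUATE')
    masked = {"security": 95, "governance": 20, "tokenomics": 30, "value": 40, "health": 40}
    print(ghost_score(Read(masked)), ghost_score(Read(masked, critical_failures=3)))
```

The masked read is the case the amplifier exists for: a 95 on Security alongside weak governance and tokenomics averages to CAUTION, but three failed critical questions push it to EVACUATE. A honeypot override pins an otherwise INSTITUTIONAL read at 30 regardless of pillar scores, and because the caps are applied after weighting and decay, no amount of clean history lifts a sanctioned address or a deployer with rug history above its cap.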
Every contract we read is published.
A scoring model earns trust by producing scores you can challenge. Every GhostScore verdict, free or paid, is written to our public ledger the moment it’s finalised. Scores, tiers, timestamps, on-chain addresses: all verifiable, all permanent. No private lists, no hidden results.
The ledger is not a curated highlight reel. It is the full, unedited record of every contract that has passed through the GhostLabs engine, from Tier 10 blue chips to Tier 1 honeypots. Browse it, challenge it, cite it. That’s the point.
For a comparison of how the GhostScore differs from other audit tools on the market: Smart Contract Audit Tools Compared (2026) →
From Total Asymmetry to The Gold Standard.
Every contract that hits GhostLabs lands on one of ten named tiers, each carrying a psycho-logic tagline and a directive Action label. The names are deliberate brand assets: quotable, screenshottable, used as shorthand by traders and treasuries alike. The Action label is the operational layer. It is what a compliance officer programs against, what a DEX aggregator filters by, what a trader uses as a binary signal.
Every chain that matters.
GhostLabs reads across 35 chains spanning six virtual machine families: EVM, Solana (SVM), TRON (TVM), TON, Move (Sui & Aptos), and Clarity (Stacks, a Bitcoin L2). Coverage prioritises chains where capital actually moves, not chain count for its own sake.
Each chain family requires its own adapter layer: native RPC integration, chain-specific exploit-pattern detection, and reputation database mapping. EVM chains use Slither and Mythril for static analysis. Solana reads draw on RugCheck and Birdeye (token-risk and market-data services rather than static analysers). TRON, TON, Sui, Aptos, and Stacks each have dedicated intelligence probes calibrated to their unique attack surfaces. We add chains when meaningful TVL and active deployment justify the engineering cost, not based on launch announcements alone.
What each tier actually does.
Every service tier (as distinct from the ten score tiers above) uses the same scoring methodology. The difference is depth, deliverables, and the level of human involvement. Here is exactly what you get, and what you do not get, at each level.
Tier 1: Free Read ($0, unlimited)
- Identifies high-confidence security signals, common exploit patterns, on-chain history, and reputation flags across thirty-five chains. Catches the majority of straightforward rugs and obvious malicious patterns.
- Returns a GhostScore (0 to 100), tier classification, top findings, and a permanent public URL. No account required, no limit.
- A free read is a triage layer. It is not a substitute for a multi-week human audit. A high GhostScore is not a guarantee of safety; a low score is not a verdict. Read the underlying findings before acting.
Tier 2: Deep Audit ($98, one-time)
- Everything in the free read, plus line-level human-grade review, exploit-path narratives, severity-ranked findings, and remediation guidance.
- Deliverables: signed PDF report, findings spreadsheet (CSV), public verifiable URL, executive summary, and free remediation re-test for thirty days.
- Suitable for documentation, exchange listing diligence, and external trust signalling. Not a replacement for a bespoke engagement on nine-figure-TVL protocols.
Tier 3: Sentinel Monitoring ($129/mo per contract)
- Continuous upgrade detection, owner/admin/proxy change monitoring, and automatic re-read within seconds of any on-chain mutation.
- Alerting via Discord, Slack, Telegram, or email webhooks. Private monitoring dashboard.
- Monitoring catches what an audit cannot: the contract that was safe at deployment and changed after.
Tier 4: Enterprise (from $2,000/mo)
- Custom SLAs, embedded scoring APIs, dedicated review pipelines, and white-label integrations for wallets, exchanges, and aggregators.
- Scoped per engagement. The methodology is the same; the delivery model is built around your workflow.
Across all tiers
- New attack vectors emerge constantly. A contract that scored well today can score differently after a malicious upgrade. Scores are evidence at a point in time, not permanent guarantees.
- GhostLabs does not provide investment advice. We describe properties of code at a moment in time. Capital allocation is yours.
How a score updates over time.
A GhostScore is not a one-time snapshot. Three triggers can update an existing score:
- Re-read on demand. Anyone can trigger a fresh read on any contract at any time. Free. The score and timestamp update accordingly.
- On-chain mutation. For contracts under Sentinel monitoring, detected changes (proxy upgrade, implementation swap, ownership transfer) trigger an automatic re-read.
- Reputation database update. If a contract’s deployer is later linked to an exploit, the affected contract’s score is re-weighted automatically.
Every contract has a permanent public page at /c/{chain}/{address} showing the current score, tier, top findings, and the timestamp of the most recent read. The public ledger indexes every read across all contracts.
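What mutation detection amounts to for a proxy, as an added example covering the Continuous Upgrade Detection engine, Sentinel monitoring and the re-read triggers above (not the Sentinel implementation): snapshot the contract's control surface, diff it against the previous snapshot, and name every change. The EIP-1967 implementation and admin slots are the real storage slots standard proxies use; FakeChain, PROXY and every hash and address in STATE are constructed stand-ins for eth_getStorageAt, eth_getCode and owner() and are not real.

```python
"""Mutation detection that decides whether a monitored contract is re-read.

Added example, not the Sentinel implementation. A snapshot captures the
control surface the page lists (proxy implementation and admin, owner, runtime
bytecode); two snapshots are diffed and every difference is named. The
EIP-1967 slots are the real ones proxies use; FakeChain is a constructed
stand-in for eth_getStorageAt / eth_getCode / owner() and every address and
hash below is made up.
"""
from dataclasses import dataclass

# EIP-1967: keccak256("eip1967.proxy.implementation") - 1 and keccak256("eip1967.proxy.admin") - 1
IMPL_SLOT = "0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc"
ADMIN_SLOT = "0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103"
EMPTY_WORD = "0x" + "00" * 32
PROXY = "0x" + "11" * 20                      # constructed proxy address


def word(byte_hex):
    """A 32-byte storage word holding a left-padded 20-byte address (constructed)."""
    return "0x" + "00" * 12 + byte_hex * 20


@dataclass(frozen=True)
class Snapshot:
    block: int
    code_hash: str       # keccak of runtime bytecode at the proxy address
    implementation: str  # word in IMPL_SLOT (all zeros for a non-proxy)
    admin: str           # word in ADMIN_SLOT
    owner: str           # owner() result, or EMPTY_WORD if not exposed


class FakeChain:
    """State per block; the latest entry at or before `block` is returned."""
    def __init__(self, states):
        self.states = states

    def _at(self, block):
        return self.states[max(b for b in self.states if b <= block)]

    def get_code_hash(self, address, block):
        return self._at(block)["code"]

    def get_storage(self, address, slot, block):
        return self._at(block)["storage"].get(slot, EMPTY_WORD)

    def call_owner(self, address, block):
        return self._at(block)["owner"]


def take_snapshot(chain, address, block):
    return Snapshot(block,
                    chain.get_code_hash(address, block),
                    chain.get_storage(address, IMPL_SLOT, block),
                    chain.get_storage(address, ADMIN_SLOT, block),
                    chain.call_owner(address, block))


# field -> event name; dict order is report order
WATCHED = {"code_hash": "bytecode-change", "implementation": "implementation-swap",
           "admin": "proxy-admin-change", "owner": "owner-rotation"}


def diff(prev, curr):
    """Every watched field that differs, with the block the change was seen at."""
    return [{"event": ev, "from": getattr(prev, f), "to": getattr(curr, f), "block": curr.block}
            for f, ev in WATCHED.items() if getattr(prev, f) != getattr(curr, f)]


def re_read_reasons(changes, reputation_updated=False):
    """Triggers two and three from the page: any on-chain mutation, or a reputation hit."""
    reasons = [c["event"] for c in changes]
    if reputation_updated:
        reasons.append("reputation-update")
    return reasons


# Constructed history: at block 250 the implementation is swapped and owner() moves to a new address.
STATE = {
    100: {"code": "0xc0de01", "storage": {IMPL_SLOT: word("aa"), ADMIN_SLOT: word("ad")}, "owner": "0x" + "5a" * 20},
    250: {"code": "0xc0de01", "storage": {IMPL_SLOT: word("bb"), ADMIN_SLOT: word("ad")}, "owner": "0x" + "e0" * 20},
}
CHAIN = FakeChain(STATE)

if __name__ == "__main__":
    base = take_snapshot(CHAIN, PROXY, 100)
    for block in (200, 250):
        print(block, re_read_reasons(diff(base, take_snapshot(CHAIN, PROXY, block))))
```

Between blocks 100 and 200 nothing moves and no re-read fires; at block 250 the implementation word changes and owner() rotates, each reported with the block it was seen at. Watching the runtime code hash alongside the slots catches changes to the proxy's own code, not only to what it delegates to, and a contract that is not a proxy simply reads all-zero slots, so the same watcher serves both.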
Ready to read a specific contract?
Free, every chain, every time. The deep audit is the same methodology, line-by-line, with a sealed AI verdict. Enterprise pipelines embed the read inside your launch, listing, or treasury workflow.