💯 Trust Score (0–100)
One number that captures who you are and how you behave.
Score Formula
trust_score = identity_score (0–80) + bot_reputation (0–20)Both components are independent. You can have a high identity score and a low reputation (a verified human who spams), or a low identity score and a high reputation (a trusted automation with minimal credentials).
Identity Score (0–80)
The identity score accumulates as the user completes verification steps. Each step is additive:
| Credential | Points | Cumulative | How to obtain |
|---|---|---|---|
| Email verified | +8 | 8 | OTP to registered email |
| Phone verified | +12 | 20 | OTP to mobile number |
| GitHub account | +16 | 36 | OAuth via github.com |
| Document OCR | +20 | 56 | Government ID scanned successfully |
| Face match | +16 | 72 | Selfie matches ID photo |
| Biometric proof | +8 | 80 | Privacy proof generated |
Minimum for most services
Most services require score ≥ 60, which means: email + phone + GitHub + document OCR (56) or email + document + face match (44+20+16=... wait — email(8) + document(20) + face_match(16) = 44, add phone(12) = 56). To reach 60, you also need to start the biometric step (+8 = 64).
Bot Reputation (0–20)
The reputation sub-score is managed by the validator network and reflects observed agent behavior:
| Score | State | Meaning |
|---|---|---|
| 0–4 | Flagged | Multiple spam violations or attestation losses |
| 5–9 | Low | New agent or minor violations detected |
| 10 | Neutral | Default for all new agents |
| 11–15 | Good | Positive behavioral attestations received |
| 16–19 | Trusted | Consistent good behavior across many validators |
| 20 | Excellent | Maximum reputation — well-known trusted agent |
How reputation changes
Validators issue attestations via POST /reputation/attest. Each attestation is +1 (positive) or -1 (negative) and propagates to all nodes via the P2P network.
Positive attestation triggers (auto-issued by services)
- Agent called ≥ 3 distinct tools in a session
- Agent completed ≥ 3 successful tool calls
- No spam events in the session
- Diverse usage pattern (not a single repetitive call)
Negative attestation triggers (spam guards)
- More than 5 requests in 60 seconds →
-1attestation - Repeated identical requests (same args) →
-1attestation - Token used from more than 3 different IPs in 1 hour
- Manual moderation by a validator operator
Score Thresholds Reference
Recommended thresholds for different types of access:
| Score | Typical use case | Credentials typically present |
|---|---|---|
| ≥ 10 | Basic access, rate-limited API | Default neutral |
| ≥ 30 | Personalized features, saved preferences | Email + phone |
| ≥ 40 | Job applications, basic premium services | Email + document OCR |
| ≥ 60 | Premium search, paid tools, data access | Email + phone + document |
| ≥ 72 | Financial tools, professional features | Full identity (no biometric proof) |
| ≥ 80 | High-stakes actions, compliance-required | Full identity (all credentials) |
| ≥ 95 | Admin tools, legal submissions | Full identity + high reputation (≥ 15) |
How to Improve Your Score
- Complete all identity steps — Run
npx soulprint verify-meto get all 6 credentials (max 80 identity points) - Use diverse tools — Call multiple different tools when using MCP services to earn positive behavioral attestations
- Avoid spam — Don't send repetitive requests; stay within rate limits
- Build reputation over time — Reputation accumulates across sessions; consistent good behavior compounds
Score in the Token
// Decoded SPT token payload
{
"did": "did:soulprint:abc123...",
"score": 82, // combined
"identity": 72, // 0–80
"reputation": 10, // 0–20
"credentials": [
"email", // +8
"phone", // +12
"github", // +16
"document", // +20
"face_match" // +16 = 72 identity
]
}