> ## Documentation Index
> Fetch the complete documentation index at: https://conto.finance/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Trust Scoring and Counterparty Controls

> Learn how Conto calculates trust scores, enriches counterparties with network intelligence and Fairscale, and turns trust into policy controls.

# Trust Scoring and Counterparty Controls

Trust scoring is how Conto turns recipient history, verification, and network intelligence into a
practical control surface for agent payments. It helps answer a simple question before money moves:

> How comfortable should this agent be paying this address right now?

## Two Layers of Trust

Conto maintains two complementary trust scoring layers:

* **Per-organization trust**: your org's local view of a counterparty based on
  your own transaction history with them.
* **Network trust**: a cross-organization view of a counterparty across all
  Conto customers, treating signals like a credit bureau.

Policies can use either layer. The per-org score is most relevant for repeat
counterparties; the network score is most useful for cold-start decisions on
addresses you have not transacted with before.

## What Feeds the Trust Score

Conto calculates trust with four weighted components:

| Component        | Weight | What it reflects                                           |
| ---------------- | ------ | ---------------------------------------------------------- |
| **History**      | `30%`  | Transaction count, volume, and relationship depth          |
| **Reliability**  | `30%`  | Success rate, failed transactions, flagged activity        |
| **Activity**     | `20%`  | Account age, recency, and consistency of behavior          |
| **Verification** | `20%`  | Manual verification, network data, and external enrichment |

This means trust is not based on a single signal. A new counterparty can improve over time through
successful activity, while a once-safe counterparty can degrade if failure or alert signals appear.

## How Trust Levels Are Assigned

Internally, Conto calculates a score on a `0.0` to `1.0` scale and then maps it to a trust level.

| Internal score | Trust level            | Notes                                                                                                                               |
| -------------- | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
| `< 0.2`        | `UNKNOWN` or `BLOCKED` | Counterparties with low scores only become `BLOCKED` when there are actual negative signals, such as failed or flagged transactions |
| `0.2 - 0.49`   | `UNKNOWN`              | Limited history or weak signal quality                                                                                              |
| `0.5 - 0.74`   | `VERIFIED`             | Reasonable confidence, but not yet a fully trusted recipient                                                                        |
| `>= 0.75`      | `TRUSTED`              | High-confidence recipient, assuming verification requirements are satisfied                                                         |

<Note>
  Low data is not the same as malicious behavior. Conto treats many new counterparties as `UNKNOWN`
  rather than auto-blocking them.
</Note>

## External Enrichment and Compliance Signals

### Conto Network Intelligence

Conto aggregates anonymized network signals across organizations to improve counterparty evaluation.
This data takes precedence when it exists because it reflects real payment behavior on the platform.

Operators can now inspect that network layer directly in the dashboard, not just infer it from a
policy result. The Network workspace exposes detailed entity views, trust lookups, alert context,
and network-wide strength summaries so teams can see why an address is unknown, verified, trusted,
or blocked.

### Fairscale for Solana

For Solana addresses with no existing network trust score, Conto can enrich the counterparty with
Fairscale data.

* Used for cold-start reputation on Solana
* Normalized into Conto's `0.0 - 1.0` trust scale
* Fail-open design: enrichment helps, but provider unavailability does not automatically block

### Sanctions Screening

Sanctions and compliance checks are separate from trust scoring.

* Local OFAC screening is built in
* Chainalysis and TRM Labs can be layered on for enterprise use
* Compliance checks are fail-closed for enterprise screening providers

That means a counterparty can be high-trust from a behavior standpoint and still be blocked for
compliance reasons.

## How Trust Becomes a Control

Trust data feeds directly into policy evaluation. Common trust-aware controls include:

* `TRUST_SCORE` thresholds
* Counterparty status and trust-level rules
* New-recipient approval workflows
* Auto-freeze and alert thresholds when trust drops sharply

For more on provider inputs, see [/integrations/trust-providers](/integrations/trust-providers). For
policy rule details, see [/policies/counterparties](/policies/counterparties).

## Canonical Patterns

### 1. New vendor safe path

* Unknown counterparties are allowed to exist but not to spend freely.
* Require approval for first payments or low-trust recipients.
* Promote to normal flow once transaction history and verification improve.

### 2. Trusted vendor fast path

* Allow trusted or verified counterparties to pass with fewer interruptions.
* Keep hard denies for sanctioned or blocked recipients.
* Layer spend limits and time windows on top of trust so no single signal has too much power.

### 3. Solana cold-start enrichment

* Use Fairscale when a Solana recipient has no Conto network history.
* Combine that score with a conservative approval threshold.
* Let the relationship graduate as real transaction history builds.

### 4. Trust deterioration response

* Watch for trust score drops, repeated failures, or new flags.
* Route affected counterparties into approval workflows.
* Use alerts or auto-freeze when trust degradation becomes severe.

## Look Up Trust Programmatically

Use the SDK network trust endpoint to inspect any wallet address:

```bash theme={null}
curl https://conto.finance/api/sdk/network/trust/0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18 \
  -H "Authorization: Bearer $CONTO_API_KEY"
```

The response includes:

* Global trust information
* Agent-specific relationship trust, when it exists
* Flags and risk indicators
* Aggregate transaction history

For Solana addresses, Conto can also include Fairscale-specific detail such as:

* recommendation tier
* behavioral red flags
* pillar scores and badges
* confidence and verification hints

This is a useful building block for preflight checks, ops tooling, or AI assistant workflows.

## What Operators Can Inspect

The Network dashboard is meant to answer two different questions:

1. What does the network know about this address right now?
2. How much shared intelligence is my organization currently participating in?

In practice, operators can inspect:

* detailed entity lists ranked by transaction volume and trust level
* first-seen and last-seen timing for known entities
* network-wide transaction counts, participating organizations, and tracked volume
* your organization's own contribution to a known entity, including local flags or block signals
* trust lookups for EVM addresses, Solana addresses, and supported domains

This makes trust scoring easier to operationalize during recipient review, approval triage, and
post-incident investigation.

## Network Sharing Modes

Organizations can control how they participate in network intelligence from **Settings**.

| Mode           | What you share                                                                            | What you receive                              |
| -------------- | ----------------------------------------------------------------------------------------- | --------------------------------------------- |
| `FULL`         | Transaction telemetry, shared volume patterns, local trust hints, and manual risk signals | Full trust lookups, alerts, and network stats |
| `PARTIAL`      | Transaction telemetry and manual signals, but not shared volume or local trust scores     | Full trust lookups, alerts, and network stats |
| `RECEIVE_ONLY` | No transaction telemetry, no volume sharing, and no manual signal contribution            | Trust lookups, alerts, and network stats      |
| Disabled       | Nothing                                                                                   | No shared trust lookups or network analytics  |

If sharing is disabled, network lookups degrade gracefully: Conto returns an `UNKNOWN` baseline and
explains that shared trust signals are paused until the organization re-enables network
intelligence.

## Trust, Approvals, and Policy Design

Trust scoring works best as part of a layered model:

1. Use trust to classify recipients.
2. Use approvals to review the gray area.
3. Use hard policy denies for clearly forbidden destinations.

That gives you three lanes instead of one:

* **Fast lane** for trusted counterparties
* **Review lane** for unknown or changing counterparties
* **Blocked lane** for clearly disallowed behavior

## Related Guides

<CardGroup cols={2}>
  <Card title="Trust Providers" icon="shield" href="/integrations/trust-providers">
    See Fairscale, sanctions screening, and provider priority
  </Card>

  <Card title="Approval Workflows" icon="check-to-slot" href="/guides/approval-workflows">
    Use trust levels as a review trigger
  </Card>

  <Card title="Securing Agents" icon="lock" href="/guides/securing-agents">
    Build a layered risk model for agents that spend
  </Card>

  <Card title="Recipes" icon="terminal" href="/guides/recipes">
    Copy-paste trust lookup and policy setup commands
  </Card>
</CardGroup>
