> ## Documentation Index
> Fetch the complete documentation index at: https://conto.finance/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Trust & Risk Providers

> External trust scoring, reputation, and compliance providers integrated with Conto

# Trust & Risk Providers

Conto integrates with external providers to enrich trust scores, screen for sanctions, and assess wallet reputation. These providers feed into the [trust score calculation](/introduction/concepts#trust-score-factors) (via the **Verification** factor, weighted at 20%) and the [policy rule engine](/policies/advanced#supported-rule-types).

Reputation providers (like Fairscale) follow a **fail-open** design: if unavailable, Conto logs a warning and continues without blocking transactions. Sanctions screening providers follow a **fail-closed** design: if Chainalysis or TRM Labs is unavailable, the address is treated as sanctioned to prevent compliance gaps.

## Fairscale (Solana Reputation)

[Fairscale](https://fairscale.xyz) provides composable reputation scoring for Solana wallets. It analyzes onchain behavioral signals, token holdings, transaction patterns, staking activity, and social connections, to produce a 0-100 reputation score.

### What it provides

| Signal            | Description                                                                                       |
| ----------------- | ------------------------------------------------------------------------------------------------- |
| **Score** (0-100) | Composite reputation score                                                                        |
| **Tier**          | `bronze`, `silver`, or `gold`                                                                     |
| **Pillars**       | Six scored dimensions: verification, reliability, social, track record, economic stake, ecosystem |
| **Badges**        | Behavioral badges (e.g. "LST Staker", "No Instant Dumps")                                         |

### How Conto uses it

* **Trust score enrichment**: For Solana counterparties with no existing network data, Fairscale scores are normalized (0-100 to 0.0-1.0) and used as the network trust score
* **Cold-start enrichment**: Unknown Solana addresses get real trust scores instead of blank `UNKNOWN` defaults
* **Policy rules**: Use `TRUST_SCORE` with the normalized 0.0-1.0 trust score to gate payments

### Policy rule

Require a normalized trust score before allowing payments:

```json theme={null}
{
  "ruleType": "TRUST_SCORE",
  "operator": "GTE",
  "value": "0.5",
  "action": "ALLOW"
}
```

<Warning>
  Avoid `FAIRSCALE_MIN_SCORE` for production policy gates until the payment evaluator wires
  Fairscale context directly into rule evaluation. Fairscale enrichment still contributes through
  the normalized `TRUST_SCORE` path for unknown Solana counterparties.
</Warning>

### Availability

Fairscale is **supported when the Conto deployment is configured with a `FAIRSCALE_API_KEY`**. If Fairscale is not configured, Conto skips reputation enrichment and continues without blocking the request.

<Note>
  Fairscale is **Solana-only**. It is automatically skipped for EVM addresses, and Conto also skips
  it when the provider is unavailable.
</Note>

### SDK API response

When querying trust data for a Solana address via the SDK, Fairscale data is included:

```json theme={null}
{
  "address": "CKs1E69a2e9TmH4mKKLrXFF8kD3ZnwKjoEuXa6sz9WqX",
  "fairscale": {
    "score": 8,
    "tier": "bronze",
    "confidence": 0.3,
    "isVerified": true,
    "pillars": {
      "verification": 0,
      "reliability": 8,
      "social": 14,
      "track_record": 0,
      "economic_stake": 41,
      "ecosystem": 5
    },
    "badges": [
      { "id": "lst_staker", "label": "LST Staker", "tier": "gold" },
      { "id": "no_dumper", "label": "No Instant Dumps", "tier": "silver" }
    ]
  }
}
```

***

## Sanctions Screening

Conto screens wallet addresses against sanctions lists to support compliance requirements. Screening checks known sanctioned addresses (Tornado Cash, Lazarus Group, Garantex, etc.) and can be extended with enterprise providers for deeper risk analysis.

### Providers

| Provider                 | Description                                                                                                                                                   |
| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Local OFAC** (default) | Built-in OFAC SDN list, screens against known sanctioned wallet addresses. No API key needed.                                                                 |
| **Chainalysis**          | Enterprise-grade blockchain risk scoring via the [Chainalysis KYT API](https://www.chainalysis.com/). Identifies sanctions exposure through cluster analysis. |
| **TRM Labs**             | Blockchain intelligence and compliance via the [TRM Labs Screening API](https://www.trmlabs.com/). Screens addresses for sanctions risk indicators.           |

### Availability

**Local OFAC** screening is **built into Conto**, no configuration needed. All organizations on [conto.finance](https://conto.finance) automatically get OFAC sanctions screening against known sanctioned addresses.

For enterprise compliance needs, **Chainalysis** and **TRM Labs** provide deeper risk analysis. Contact [support](https://conto.finance) to enable enterprise sanctions screening for your organization.

<Note>
  Sanctions screening is **fail-closed** for enterprise providers: if Chainalysis or TRM Labs is
  unavailable, the address is treated as sanctioned to prevent compliance gaps. Local OFAC screening
  is always available since it uses a built-in address list.
</Note>

### Policy rules

Block transactions to sanctioned countries using `GEOGRAPHIC_RESTRICTION`:

```json theme={null}
{
  "ruleType": "GEOGRAPHIC_RESTRICTION",
  "operator": "IN_LIST",
  "value": "[\"CU\", \"IR\", \"KP\", \"SY\", \"RU\"]",
  "action": "DENY"
}
```

See the [OFAC compliance section](/policies/advanced#geographic-restrictions-ofac) for the full list of sanctioned countries.

<Warning>
  Always consult legal counsel for compliance requirements. This is not legal advice.
</Warning>

***

## Network Intelligence

In addition to external providers, Conto's built-in **Network Intelligence** aggregates anonymized trust signals across all organizations on the platform:

* Cross-organization address flagging
* Collective fraud detection
* Automatic trust score adjustments based on network-wide behavior

<Note>
  Network Intelligence data is anonymized. Organizations share aggregate trust signals, not
  transaction details.
</Note>

***

## Provider priority

When multiple sources have data for an address, Conto applies them in this order:

1. **Conto Network Intelligence**: on-platform transaction history and cross-org signals
2. **Fairscale** (Solana only), external reputation scoring
3. **Sanctions screening**: compliance blocklists (always enforced regardless of trust score)

Network Intelligence scores take precedence because they're based on real transaction history. Fairscale is used for cold-start enrichment when no network data exists. Sanctions screening operates independently and can block transactions regardless of trust score.

## Implementation

Trust scoring is split into two complementary services:

* **Per-organization trust** (`trust-score.ts`), your org's local view of a
  counterparty derived from your own transaction history with them.
* **Network trust** (`network-trust-service.ts`), the cross-organization
  "credit bureau" view aggregated across all Conto customers.

Most policies that reference a `TRUST_SCORE` rule consult the per-org service
first and fall back to the network score for unknown addresses. See
[Trust Scoring](/guides/trust-scoring) for the full data model.
