The Standard for Institutional DeFi

Web3SOC empowers institutions to evaluate DeFi organizations in key areas with confidence.

Developed in collaboration with industry leaders

What is Web3SOC?

Trusted by leading institutions and DeFi organizations, Web3SOC defines what it means to be institutional-grade. This makes it easy to assess and compare organizations. It provides:

  • Classifications

    A tiered system that signals institutional readiness at a glance.

  • Detailed Scoring

    Transparent breakdowns across operational, financial, security, and regulatory dimensions.

  • Confidential Assessments

    Private reviews for internal benchmarking and improvement.

Why Use Web3SOC To Evaluate Organizations?

For Institutions

Web3SOC offers a standardized due diligence tool to assess risk. It supports informed decision-making by identifying strengths and gaps in organizational maturity across key operational and compliance domains.

For Organizations

Web3SOC provides a structured path to institutional adoption. Use it to benchmark your current standing, understand expectations, and chart a course for improvement.

How Web3SOC Works

Web3SOC scores organizations in four core areas:

  • Operational

    Team structure, governance, and risk management.

  • Financial

    Economic design, capital resilience, and financial security.

  • Security

    Smart contract, application and infrastructure robustness, attack resistance, and incident response.

  • Regulatory

    Legal compliance and jurisdictional considerations.

Each area maps to the core pillars of institutional trust and allows organizations to demonstrate progress with clarity.

Registry

See the Web3SOC scores of popular organizations.

Scores

Organizations are classified into one of four tiers to signal their level of institutional readiness:

  • A

    Enterprise

    Highest standards in governance, security, and compliance; fully transparent with strong risk mitigation.

  • B

    Established

    Structured governance, security, and compliance with regular audits and reporting.

  • C

    Emerging

    Basic security and governance; lacks consistency and regulatory clarity.

  • D

    Nascent

    Same as Emerging — basic controls, but with higher risk and lower maturity.

These scores make it easy for institutions to assess organizational maturity at a glance, and for organizations to know exactly where they stand and what’s next.

    How to use Web3SOC?

    For Institutions

    Incorporate Web3SOC into your investment evaluation process to assess risk with clarity, structure, and confidence.

    For Organizations

    Complete the self-assessment or work with Cantina to understand your current standing and what’s needed to earn institutional trust.

    FAQ

    What is Web3SOC and how does it work?

    Web3SOC is a standardized classification system that evaluates DeFi organizations across four core areas: operational (team structure and governance), financial (economic design and capital resilience), security (smart contract and infrastructure robustness), and regulatory (legal compliance). Organizations receive scores ranging from Enterprise (A) to Nascent (D) based on their institutional readiness.

    Who created Web3SOC and why is it trusted?

    Web3SOC was developed by Cantina in collaboration with leading DeFi organizations including Uniswap Labs, Morpho, Maple Finance, Kiln, Steakhouse Financial, L1D, and Secureum. This collaborative approach with industry leaders ensures the framework reflects real-world institutional requirements and DeFi best practices.

    What are the Web3SOC scoring tiers and what do they mean?

    Web3SOC uses four tiers:

    A - Enterprise

    Highest standards in governance, security, and compliance; fully transparent with strong risk mitigation.

    B - Established

    Structured governance, security, and compliance with regular audits and reporting.

    C - Emerging

    Basic security and governance; lacks consistency and regulatory clarity.

    D - Nascent

    Same as Emerging — basic controls, but with higher risk and lower maturity.

    How can institutions use Web3SOC for DeFi due diligence?

    Institutions can incorporate Web3SOC into their investment evaluation process to assess DeFi organizations with the same rigor as they would a traditional organization. The framework provides a standardized way to compare organizations and identify strengths and gaps in governance, security, financial stability, and regulatory compliance.

    How do DeFi organizations get Web3SOC scores?

    DeFi organizations can either complete a self-assessment or work directly with Cantina for professional evaluation. Web3SOC offers both public scores for transparency and confidential assessments for private benchmarking and improvement planning.

    What does Web3SOC Enterprise A+ rating mean for DeFi protocols?

    An Enterprise A+ rating indicates the highest standards in governance, security, and compliance with full transparency and robust risk mitigation. This rating signals to institutions that the organization meets or exceeds the standards for institutional maturity.

    How often are Web3SOC scores updated and can they change?

    Web3SOC scores can be updated as organizations improve their practices across the four evaluation domains. The framework is designed as a living document that evolves with industry standards, allowing organizations to demonstrate continuous improvement in institutional readiness.

    What makes Web3SOC different from other DeFi assessment frameworks?

    Web3SOC is specifically designed for institutional evaluation, developed collaboratively with leading industry players rather than by a single entity. It provides standardized classifications, transparent scoring breakdowns, and confidential assessment options that address the unique challenges of decentralized finance.

    How does Web3SOC help bridge traditional finance and DeFi?

    Web3SOC creates a common language between institutional investors and DeFi organizations by applying familiar due diligence standards in ways that fit decentralized protocols. This standardization helps institutions assess DeFi investments with confidence while giving DeFi projects clear improvement pathways.

    What security standards does Web3SOC evaluate in DeFi protocols?

    Web3SOC evaluates smart contract security, application robustness, infrastructure resilience, attack resistance capabilities, and incident response procedures. This comprehensive security assessment helps institutions understand the technical risks associated with different DeFi protocols.

    How does Web3SOC assess DeFi governance and operational maturity?

    The operational assessment examines team structure, governance mechanisms, risk management processes, and day-to-day operational stability. This evaluation helps institutions understand whether a DeFi organization has the structural foundation necessary for long-term partnerships.

    What regulatory compliance aspects does Web3SOC cover?

    Web3SOC evaluates legal compliance across relevant jurisdictions, adherence to regulatory frameworks, and jurisdictional considerations. This assessment is crucial for institutions that must ensure their DeFi investments meet regulatory requirements in their operating regions.

    Can Web3SOC scores help DeFi protocols attract institutional investment?

    Yes, Web3SOC scores provide institutional investors with standardized metrics for evaluating DeFi protocols, making it easier for high-scoring organizations to attract institutional capital. The framework gives institutions confidence in their due diligence process while highlighting protocols that meet institutional standards.

    How does Web3SOC financial assessment work for DeFi protocols?

    The financial assessment evaluates economic design sustainability, capital resilience, treasury management, and overall financial security. This analysis helps institutions understand the long-term viability and financial stability of DeFi protocols before making investment decisions.

    Is Web3SOC assessment confidential and how does the process work?

    Web3SOC offers both public and confidential assessments. Organizations can choose private assessments for internal benchmarking and improvement without public disclosure, allowing them to understand their position and make improvements before seeking public recognition.

    How can DeFi organizations improve their Web3SOC scores?

    Organizations can improve scores by addressing identified gaps across the four evaluation domains: strengthening operational processes, enhancing security practices, improving financial standing, and ensuring regulatory compliance. Web3SOC provides actionable insights for systematic improvement.

    Does Web3SOC cover all types of DeFi protocols and services?

    Web3SOC is designed to evaluate various DeFi organizations including DEXs, lending protocols, staking services, and other decentralized financial services. The framework's four-domain approach is flexible enough to assess different types of DeFi protocols while maintaining consistent standards.

    How does Web3SOC support the institutional adoption of DeFi?

    Web3SOC accelerates institutional DeFi adoption by providing familiar evaluation standards, reducing due diligence complexity, and offering clear benchmarks for institutional readiness. This standardization helps institutions move beyond pilot programs to meaningful DeFi allocations with greater confidence.