Trust Scoring

Score Range

Trust scores range from 0 to 1000.

Components

Trust scores are computed from four weighted signal components:

| Component | Weight | Description |
|---|---|---|
| Behavioral | 40% | Task completion, error rates, operational reliability |
| Compliance | 25% | BASIS policy adherence, rule violations |
| Identity | 20% | Verification strength, authentication signals |
| Context | 15% | Environmental factors, operational context |
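
The weighting above can be illustrated with a minimal sketch. It assumes each component arrives as a sub-score normalized to the range 0 to 1 and that the weighted sum is scaled linearly onto the 0-1000 range; neither detail is stated in this document, and `computeTrustScore` and `ComponentScores` are hypothetical names, not part of any published API.

```typescript
// Weights taken from the component table.
const WEIGHTS = {
  behavioral: 0.40,
  compliance: 0.25,
  identity: 0.20,
  context: 0.15,
} as const;

type Component = keyof typeof WEIGHTS;

// Assumption: every component sub-score is normalized to [0, 1].
type ComponentScores = Record<Component, number>;

const MAX_SCORE = 1000;

// Hypothetical helper: combines the four sub-scores into one 0-1000 score.
function computeTrustScore(components: ComponentScores): number {
  let weighted = 0;
  for (const component of Object.keys(WEIGHTS) as Component[]) {
    // Clamp out-of-range inputs so one bad signal cannot break the range.
    const value = Math.min(1, Math.max(0, components[component]));
    weighted += WEIGHTS[component] * value;
  }
  return Math.round(weighted * MAX_SCORE);
}

// 0.40*0.9 + 0.25*0.8 + 0.20*0.5 + 0.15*0.6 = 0.75, i.e. a score of 750.
const exampleScore = computeTrustScore({
  behavioral: 0.9,
  compliance: 0.8,
  identity: 0.5,
  context: 0.6,
});
```

Because the weights sum to 1, a perfect sub-score in every component maps to exactly 1000 under these assumptions.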

Component Details

Behavioral (40%): The largest weight reflects that actions speak louder than credentials. Tracks:

  • Task completion rates
  • Error frequency
  • Response quality
  • Tool usage patterns

Compliance (25%): Measures adherence to BASIS policies:

  • Policy check pass rates
  • Violation history
  • Audit outcomes

Identity (20%): Strength of entity verification:

  • Authentication method
  • Credential validity
  • Identity attestations

Context (15%): Environmental and situational factors:

  • Operating context appropriateness
  • Resource usage patterns
  • Interaction patterns

Trust Tiers (T0-T7)

Eight tiers provide graduated autonomy levels:

| Tier | Name | Score Range | Description | Capabilities |
|---|---|---|---|---|
| T0 | Sandbox | 0-199 | Restricted testing | Read-only, no external access |
| T1 | Observed | 200-349 | New or recovering | Limited operations, high oversight |
| T2 | Provisional | 350-499 | Proving trustworthiness | Basic operations, monitored |
| T3 | Monitored | 500-649 | Normal operations | Standard tools, logging required |
| T4 | Standard | 650-799 | Standard operations | Extended tools, reduced oversight |
| T5 | Trusted | 800-875 | Elevated privileges | Elevated operations, light oversight |
| T6 | Certified | 876-950 | Verified and audited | Privileged operations |
| T7 | Autonomous | 951-1000 | Maximum autonomy | Full capabilities, self-governance |
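
As an illustration, the tier table can be expressed as a lookup. The ranges and names below come from the table; the `Tier` interface and `tierForScore` function are hypothetical, and flooring fractional scores before the lookup is an assumption.

```typescript
interface Tier {
  id: string;
  name: string;
  min: number; // inclusive lower bound
  max: number; // inclusive upper bound
}

// Score ranges copied from the tier table.
const TIERS: readonly Tier[] = [
  { id: 'T0', name: 'Sandbox', min: 0, max: 199 },
  { id: 'T1', name: 'Observed', min: 200, max: 349 },
  { id: 'T2', name: 'Provisional', min: 350, max: 499 },
  { id: 'T3', name: 'Monitored', min: 500, max: 649 },
  { id: 'T4', name: 'Standard', min: 650, max: 799 },
  { id: 'T5', name: 'Trusted', min: 800, max: 875 },
  { id: 'T6', name: 'Certified', min: 876, max: 950 },
  { id: 'T7', name: 'Autonomous', min: 951, max: 1000 },
];

// Hypothetical helper: maps a 0-1000 score to its tier.
function tierForScore(score: number): Tier {
  if (!Number.isFinite(score) || score < 0 || score > 1000) {
    throw new RangeError(`score must be between 0 and 1000, got ${score}`);
  }
  // Assumption: fractional scores are floored before the lookup.
  const whole = Math.floor(score);
  const tier = TIERS.find((t) => whole >= t.min && whole <= t.max);
  if (!tier) {
    throw new Error(`no tier covers score ${score}`);
  }
  return tier;
}
```

Note that the upper tiers are narrower than the lower ones (T5 spans 76 points, T7 only 50), so boundary values such as 875 and 876 are worth covering in tests.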

Tier Transitions

Promotion occurs when the score crosses upward into a higher tier:

  • Requires sustained positive signals
  • May require additional verification at higher tiers
  • Emits trust:tier_changed event with direction: 'promoted'

Demotion occurs when the score drops below the current tier's minimum:

  • Immediate capability revocation
  • Requires recovery to regain privileges
  • Emits trust:tier_changed event with direction: 'demoted'
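
The transition rules can be sketched as a pure function that compares the tier before and after a score change. The event name and `direction` values come from this section; the payload fields `fromTier` and `toTier`, and the function names, are hypothetical. The sketch only detects the boundary crossing and does not model the "sustained positive signals" or additional verification requirements.

```typescript
// Inclusive lower bound of each tier, T0 through T7, from the tier table.
const TIER_MINIMUMS: readonly number[] = [0, 200, 350, 500, 650, 800, 876, 951];

// Returns the index (0-7) of the highest tier whose minimum the score meets.
function tierIndex(score: number): number {
  let index = 0;
  TIER_MINIMUMS.forEach((minimum, i) => {
    if (score >= minimum) index = i;
  });
  return index;
}

interface TierChangedEvent {
  type: 'trust:tier_changed';
  direction: 'promoted' | 'demoted';
  fromTier: string; // hypothetical payload field
  toTier: string;   // hypothetical payload field
}

// Hypothetical helper: returns the event to emit, or null if the tier is unchanged.
function detectTierChange(previousScore: number, newScore: number): TierChangedEvent | null {
  const from = tierIndex(previousScore);
  const to = tierIndex(newScore);
  if (from === to) return null;
  return {
    type: 'trust:tier_changed',
    direction: to > from ? 'promoted' : 'demoted',
    fromTier: `T${from}`,
    toTier: `T${to}`,
  };
}
```

For example, a drop from 800 to 799 crosses the T5 minimum and would yield a `'demoted'` event from T5 to T4, while a move from 500 to 600 stays inside T3 and yields no event.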

Signal Impacts

Trust scores change based on behavioral signals:

| Signal Type | Impact | Notes |
|---|---|---|
| task_completed | +5 | Standard positive signal |
| task_failed | -15 | 3x amplification for failures |
| policy_violation | -50 | Serious compliance breach |
| compliance_check_passed | +2 | Periodic verification |
| human_endorsement | +25 | Explicit trust delegation |
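
A minimal sketch of how these impacts might be applied, assuming each signal is a flat point delta and the result is clamped to the 0-1000 range. The impact values come from the table; `applySignal` and the override parameter are hypothetical and only illustrate the per-deployment configurability that REQ-TRS-005 calls for.

```typescript
type SignalType =
  | 'task_completed'
  | 'task_failed'
  | 'policy_violation'
  | 'compliance_check_passed'
  | 'human_endorsement';

// Default point deltas copied from the signal table.
const DEFAULT_IMPACTS: Record<SignalType, number> = {
  task_completed: 5,
  task_failed: -15,
  policy_violation: -50,
  compliance_check_passed: 2,
  human_endorsement: 25,
};

// Hypothetical helper: applies one signal and keeps the score within 0-1000.
// Assumption: impacts are flat deltas; a deployment may pass its own table.
function applySignal(
  score: number,
  signal: SignalType,
  impacts: Record<SignalType, number> = DEFAULT_IMPACTS,
): number {
  const next = score + impacts[signal];
  return Math.min(1000, Math.max(0, next));
}

// With the defaults, one failure cancels three completed tasks.
const afterFailure = applySignal(500, 'task_failed');
```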

Trust Decay

Inactive agents experience trust decay to prevent stale high-trust entities. The decay model uses exponential decay with configurable parameters.

Decay Formula

decayed_score = current_score × (1 - decay_rate)^periods

Where:

  • decay_rate: Fraction of the score lost per interval (default: 0.01, i.e. 1%)
  • periods: Number of decay intervals elapsed
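
The formula translates directly into code. In this sketch, `decayedScore` and `periodsElapsed` are hypothetical names, and counting only whole elapsed intervals is an assumption about how `periods` is derived.

```typescript
// decayed_score = current_score × (1 - decay_rate)^periods
function decayedScore(currentScore: number, decayRate: number, periods: number): number {
  if (decayRate < 0 || decayRate > 1) {
    throw new RangeError('decayRate must be between 0 and 1');
  }
  if (periods < 0) {
    throw new RangeError('periods must not be negative');
  }
  return currentScore * Math.pow(1 - decayRate, periods);
}

// Assumption: only whole intervals since the last activity count as periods.
function periodsElapsed(lastActivityMs: number, nowMs: number, intervalMs: number): number {
  return Math.max(0, Math.floor((nowMs - lastActivityMs) / intervalMs));
}

// A score of 800 after 10 idle intervals at the default 1% rate:
// 800 × 0.99^10 ≈ 723.5
const idleScore = decayedScore(800, 0.01, 10);
```

Because the decay is multiplicative, each interval removes fewer points than the one before, and the score approaches 0 without ever going negative.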

Default Configuration

| Parameter | Default | Description |
|---|---|---|
| decayRate | 0.01 (1%) | Decay per interval |
| decayIntervalMs | 60000 (1 min) | Interval between decay checks |
| Signal half-life | 7 days | Weight decay for old signals |
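
The 7-day signal half-life suggests that a signal's weight halves every 7 days. A minimal sketch of that standard half-life weighting follows; the document does not give the exact formula, so treat `signalWeight` as a hypothetical helper built on that assumption.

```typescript
const SIGNAL_HALF_LIFE_MS = 7 * 24 * 60 * 60 * 1000; // 7 days

// Assumption: weight = 0.5^(age / halfLife), the usual half-life form.
function signalWeight(ageMs: number, halfLifeMs: number = SIGNAL_HALF_LIFE_MS): number {
  if (ageMs <= 0) return 1; // brand-new (or future-dated) signals get full weight
  return Math.pow(0.5, ageMs / halfLifeMs);
}

// A 14-day-old signal is two half-lives old, so it carries a quarter of its weight.
const twoWeekWeight = signalWeight(2 * SIGNAL_HALF_LIFE_MS);
```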

Accelerated Decay

When an entity accumulates failures, decay accelerates:

| Parameter | Default | Description |
|---|---|---|
| failureThreshold | 0.3 | Signals below this are failures |
| acceleratedDecayMultiplier | 3.0 | Multiplier when accelerated |
| failureWindowMs | 3600000 (1 hr) | Window for counting failures |
| minFailuresForAcceleration | 2 | Failures needed to trigger |

Example: With the defaults, two or more failures within the past hour raise the decay rate from 1% to 3% per interval (0.01 × 3.0).
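
A sketch of how the effective decay rate might be selected from these parameters. The parameter names and defaults come from the tables in this section; the `Signal` shape (a value between 0 and 1 plus a timestamp) and the `effectiveDecayRate` function are assumptions made for illustration.

```typescript
// Assumption: each signal carries a value in [0, 1] and a timestamp.
interface Signal {
  value: number;
  timestampMs: number;
}

interface DecayConfig {
  decayRate: number;
  failureThreshold: number;
  acceleratedDecayMultiplier: number;
  failureWindowMs: number;
  minFailuresForAcceleration: number;
}

// Defaults copied from the configuration tables.
const DEFAULT_DECAY_CONFIG: DecayConfig = {
  decayRate: 0.01,
  failureThreshold: 0.3,
  acceleratedDecayMultiplier: 3.0,
  failureWindowMs: 3_600_000,
  minFailuresForAcceleration: 2,
};

// Hypothetical helper: returns the accelerated rate when enough recent failures exist.
function effectiveDecayRate(
  signals: readonly Signal[],
  nowMs: number,
  config: DecayConfig = DEFAULT_DECAY_CONFIG,
): number {
  const windowStart = nowMs - config.failureWindowMs;
  // Count signals inside the window whose value falls below the failure threshold.
  const recentFailures = signals.filter(
    (s) =>
      s.timestampMs >= windowStart &&
      s.timestampMs <= nowMs &&
      s.value < config.failureThreshold,
  ).length;
  return recentFailures >= config.minFailuresForAcceleration
    ? config.decayRate * config.acceleratedDecayMultiplier
    : config.decayRate;
}
```

Failures older than `failureWindowMs` fall out of the count, so under this reading the decay rate returns to the base value on its own once the window has passed without new failures.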

Recovery

Entities can recover trust through positive signals:

| Parameter | Default | Description |
|---|---|---|
| successThreshold | 0.7 | Signals above this trigger recovery |
| recoveryRate | 0.02 (2%) | Base recovery per success |
| acceleratedRecoveryMultiplier | 1.5 | Multiplier after consecutive successes |
| minSuccessesForAcceleration | 3 | Successes needed for acceleration |
| maxRecoveryPerSignal | 50 | Maximum points per recovery signal |

Activity Reset: Any signal (positive or negative) resets the decay timer.
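
The recovery parameters can be combined as in the sketch below. This document does not say what `recoveryRate` is a percentage of, so the sketch assumes it is a fraction of the 1000-point scale (20 points at the default); it also assumes the consecutive-success count includes the current signal. `recoveryPoints` is a hypothetical name.

```typescript
interface RecoveryConfig {
  successThreshold: number;
  recoveryRate: number;
  acceleratedRecoveryMultiplier: number;
  minSuccessesForAcceleration: number;
  maxRecoveryPerSignal: number;
}

// Defaults copied from the recovery table.
const DEFAULT_RECOVERY_CONFIG: RecoveryConfig = {
  successThreshold: 0.7,
  recoveryRate: 0.02,
  acceleratedRecoveryMultiplier: 1.5,
  minSuccessesForAcceleration: 3,
  maxRecoveryPerSignal: 50,
};

const SCALE_MAX = 1000;

// Hypothetical helper: points regained for one signal.
// Assumption: recoveryRate is a fraction of the full 0-1000 scale.
function recoveryPoints(
  signalValue: number,
  consecutiveSuccesses: number,
  config: RecoveryConfig = DEFAULT_RECOVERY_CONFIG,
): number {
  // Only signals strictly above the success threshold trigger recovery.
  if (signalValue <= config.successThreshold) return 0;
  let points = config.recoveryRate * SCALE_MAX;
  if (consecutiveSuccesses >= config.minSuccessesForAcceleration) {
    points *= config.acceleratedRecoveryMultiplier;
  }
  // No single signal may restore more than the configured cap.
  return Math.min(points, config.maxRecoveryPerSignal);
}
```

Under these assumptions the defaults give 20 points per success and 30 points once three successes occur in a row, both below the 50-point cap; the cap only binds for more aggressive configurations.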

Configuration Example

import { createTrustEngine } from '@vorionsys/atsf-core/trust-engine';

const engine = createTrustEngine({
  decayRate: 0.005,                // 0.5% per interval (slower decay)
  decayIntervalMs: 300000,         // 5 minutes
  failureThreshold: 0.25,          // Stricter failure detection
  acceleratedDecayMultiplier: 2.0, // Less aggressive acceleration
  recoveryRate: 0.03,              // Faster recovery
});

Initial State

All entities initialize at score 0 (T0, Sandbox tier) unless explicitly promoted by an authorized administrator.

Requirements

REQ-TRS-001: Trust scores MUST be computed from defined components.

REQ-TRS-002: Trust checks MUST occur before capability grants.

REQ-TRS-003: Trust score changes of more than 50 points MUST be anchored.

REQ-TRS-004: Trust decay MUST apply to inactive entities.

REQ-TRS-005: Signal impacts MUST be configurable per deployment.