MeritScore

The Problem

Autonomous AI agents are starting to hold wallets, execute trades, run MEV bots, and consume DeFi primitives. But they have no credit history. A brand-new agent and a proven arbitrageur look identical to a lending protocol. The result: every agent is either over-collateralized (capital inefficient) or flat-out blocked (no access). Agents today are the unbanked of on-chain finance.

What MeritScore Is

MeritScore is the Experian for autonomous agents — an on-chain credit bureau that scores any agent's merit using a 4-axis formula (Performance, Consistency, Risk-Adjusted Return, Efficiency), multiplies it by an integrity check, and commits the score on-chain as a credentialed primitive any protocol can consume.

We built a live, end-to-end Credit Layer:

• Scoring (0G Compute): A TEE-verified DeepSeek-v3 model ingests on-chain behavior (tx patterns, wash-trade signals, volatility) and returns a Merit score 0.0–1.0 plus a natural-language explanation. The TEE attestation hash is committed on-chain, so scores are verifiable, not just claimed.
• Hard Gate (Integrity Multiplier): If integrity_risk > 0.85, Merit hard-fails to 0. This makes the scoring cryptographically auditable — demonstrated live by "Carol", an agent with 19% ROI but wash-trade evidence, who scores 0.0000.
• Storage (0G Storage): Every epoch's evidence bundle (inputs, AI reasoning, TEE attestation) is uploaded via the native @0glabs/0g-ts-sdk, returning a Merkle root that the LendingPool verifies on-chain. Full reproducibility.
• Enforcement (Base Sepolia): A real LendingPool contract reads the Merit score and gates borrowing. Alice (28% ROI, volatile) is REJECTED. Bob (11% ROI, disciplined) is APPROVED and receives a collateral-light loan. Carol is BLOCKED.
• Orchestration (KeeperHub): The full evaluation flow (check → score → execute) is packaged as a 3-step KeeperHub workflow and registered as a first-party MCP tool (merit-score) in the KeeperHub registry — any agent workflow on KH can now call Merit as a built-in primitive.

Live Demo

Visit meritscore.streamlit.app and click "Evaluate Agent" on any of the three candidates. In ~15 seconds you see: (1) the AI's reasoning, (2) the TEE attestation card, (3) the KeeperHub 3-step workflow log, (4) the on-chain Merit commit, and (5) the Base Sepolia lending decision — all with live explorer links.

Why This Matters

Once an agent has an on-chain credit score, entirely new markets open: collateral-light lending for proven agents, MEV-bot rate-limiting by integrity, reputation-gated DAO voting, and trust-minimized agent-to-agent payments. MeritScore is the primitive that makes all of that composable.

Built in 9 days

Contracts, scoring engine, 0G Compute integration, 0G Storage SDK, KH workflow, MCP registration, LendingPool on Base Sepolia, and a Streamlit UI — no pre-existing code, full git history, reproducible end-to-end.

🔧 How it's made

Architecture Overview

MeritScore runs on a dual-chain design: 0G Galileo (chainId 16602) for compute/storage/evidence, Base Sepolia (chainId 84532) for enforcement/lending. An Oracle relay bridges them. The agent-facing entry point is both a Streamlit UI (humans + judges) and a KeeperHub MCP tool (machine-to-machine).

Sponsor Integrations (Deep, Not Superficial)

0G Compute — TEE-verified Scoring

We use the @0glabs/0g-serving-broker SDK to call deepseek-chat-v3-0324 in TeeML mode. The response includes a TEE attestation hash that we persist on 0G Chain via MeritCore.commitEpochScores(). This is not a mock — the attestation hash is a real bytes32 stored on-chain, verifiable via Galileo explorer. The UI shows the hash on a dedicated "TEE Attestation Card" that judges can click through to the explorer in one hop.

Prompt engineering: the model receives the 4-axis formula and returns a structured JSON ({performance, consistency, risk_adjusted, efficiency, integrity_risk, reasoning}). We then apply the integrity hard-fail gate off-model (if integrity_risk > 0.85: merit = 0.0) so the cryptographic guarantee is never left to LLM discretion. This is demonstrated by "Carol" — 19% ROI but wash-trade evidence — who hard-fails to 0.0000 regardless of what the model "thinks".

0G Storage — Native SDK + Dual-Track

We integrate @0glabs/0g-ts-sdk natively (not via HTTP). Every epoch produces a 3-artifact evidence bundle uploaded as:

• Blob Storage (ZgFile.upload) for the full bundle (~50KB, archive)
• KV Storage (KVClient.put) for per-agent scores (~1KB, O(1) lookup)

The Merkle root from Blob is committed on-chain, and LendingPool.sol verifies MerkleProof.verify(proof, root, keccak256(abi.encode(agent))) before any loan. This means an agent cannot be lent to unless its score is Merkle-provable from on-chain root to off-chain storage — a trust-minimized composability we haven't seen elsewhere in the hackathon.

KeeperHub — Provider, Not User

Instead of using KH to automate ourselves, we registered MeritScore as a first-party MCP tool in the KH registry (mcp/merit-score.yaml). Any agent workflow on KeeperHub can now call merit-score(agent_address, chain_id) as a primitive. Our own demo triggers this via a 3-step KH workflow:

1. get_wallet_integration — resolve agent wallet
2. execute_contract_call — call MeritCore scoring trigger
3. execute_workflow → get_execution_logs — surface log to UI

We use exactly the 8 canonical KH tools (execute_contract_call, create_workflow, execute_workflow, get_execution_status, get_execution_logs, tools_documentation, list_action_schemas, get_wallet_integration) — no invented APIs.

Contracts (Solidity 0.8.24, OZ v5)

• MeritCore.sol — 4-axis formula + integrity gate + epoch commit + evidence hash anchor
• MeritVault.sol — Merit-gated collateral vault
• LendingPool.sol — Merit-conditional borrowing + Merkle proof verification
• Oracle.sol — signed score relay between 0G Galileo and Base Sepolia

Contracts are behind a minimal proxy. Deployment scripts use Foundry + ethers@6. All contracts emit rich events so judges can reconstruct any score epoch from logs alone.

Frontend — Streamlit with Honest Mode Badges

The UI shows three distinct execution paths per score, each with a colored badge:

• 🟢 Direct — Python calls 0G Compute directly (fallback)
• 🔵 Workflow — request routed through KH 3-step workflow
• 🟣 Web3 — full on-chain path via LendingPool call

This transparency is deliberate: judges can see exactly which path each demo candidate uses, so "it's a mock" accusations can be deflected immediately.

Hacky Bits Worth Mentioning

1. Live Evaluation Button: judges click a button on the deployed Streamlit app and the actual 0G Compute + KH + Base Sepolia chain fires in ~15 seconds. No pre-recorded demo. Dramatic reveal of TEE hash + on-chain tx landing in real time.

2. Real Base Sepolia MEV bot addresses (not synthetic): we pulled 5 active bot clusters from Flashbots Base MEV dashboard + EigenPhi. Alice/Bob/Carol correspond to real on-chain entities. If a judge asks "where's the data from?", we point them to Basescan.

3. MOCK_MODE fallback for network flakiness: if 0G Compute latency > 5s, we fall back to a cached response with a yellow "Simulated" banner — demo never crashes mid-judging, and we stay honest about it.

4. Merkle verify on-chain for storage proofs: most hackathon storage integrations stop at "we uploaded it". We verify the root from LendingPool gas-efficiently using OpenZeppelin MerkleProof.

5. Judge 1-pager with QR codes: every demo surface (Streamlit, video, writeup, repo) is accessible via a single printed PDF that fits in a judge's pocket. Details are cheap; memorability isn't.

Build Discipline

• Full git history from git init at hackathon kick-off (no pre-existing code per ETHGlobal rules)
• 9 ADRs documenting every tech decision
• 19 UoW (Units of Work) with acceptance criteria + Kill Switches
• Every sponsor API call wrapped with retry + fallback + mock path for demo safety
• Zero invented APIs; every endpoint/package name verified against current docs