Now that I’ve wrapped my head around trust circles, our browser extension is starting to support EVM addresses, and I’ve thought about how I expect them to function I want to be able to apply this vision to the MetaMask Snap

Here is how I expect it to go:

1. Curators will start making relevant claims about EVM addresses, smart contract or EOA, etc
2. Our Hive Mind dapps will recommend some of these curators to our users, especially since many Hive Mind users will be interacting with the addresses that the curators will be making claims about
3. Users will use the Hive Mind Snap for MetaMask and be presented with the most important / insightful claims for each address they transact with. Hive Mind may also include insights from our own list of curators that WE follow, which would lighten the burden of users having to find curators to follow (high friction)

This begs the question of which triples should be displayed within the MetaMask Snap.

Currently my LLM latched onto the following claim types:

• Scam, Spam (via canonical reported for predicate)
• Trustworthy, Bullish (via has tag)
• Add Tag

Should we also add one for “has alias” or something like that? What are some other important claims to surface?

Once we settle upon which claims we’ll use then we can start encouraging curators to start making claims about said addresses, and I can display them in the Snap. We can also show the ENS names of the curators that agree or disagree with any given claim.

Is there anything else that you think the Snap should show? I don’t think we’re going to be showing as many global statistics as our earlier prototypes because they aren’t fully reliable and don’t convey the full picture.

Am I missing anything else here?

Warning: scope creep

IMO, semantic claims about the wallets onchain behavior is a really interesting use case for triples. I hope to see more programmatic curators who automate the collection and interpretation of existing data and semantically structure it on the KG.

For example:
[has onchain tag] Diamond Handed
[has onchain tag] Whale
[has onchain tag] DeFi LP

Providing quick and useful context without the user needing to look at a wallet’s history.

But to address the original question, it would be nice to surface social accounts from the wallet level. If a user doesn’t have the same EOA and X handle, then claims about where to find them (their Medium / X / EthMagicians / etc) helps to unify their content footprint and opens up new ways to discover. And if someone makes a claim about themselves, then it can be filtered into a personal on-chain linktree.

I do think the data needs to be useful to not become cluttered. Whatever can be gleaned from the data should go to solve a problem someone else has or make something more convenient. Interpreting on-chain data about a wallet is very inconvenient for the onchain crypto niche. Also, finding someone across multiple platforms is inconvenient; however, I think I would still instinctively go to their X ‘about me’ section in the hope that they had all the relevant links already there.

Great thread - this overlaps a lot with predicate work I’ve been doing for AgentScore, so a few concrete thoughts.

On the safety side: reported for (paired with Scam / Spam / Injection objects) is already minted on mainnet and designed to be reused exactly like this. The Injection object is worth surfacing in the Snap too - for contract addresses, “reported for Injection” flags a different and increasingly relevant risk than plain Scam.

On @matt_chain’s social-discovery point - this is something I’ve been building right now. A set of identity predicates: has x, has discord, has telegram, has github, has website. They turn a wallet into exactly the “personal on-chain linktree” you described - [Address] - has x - [handle], etc. Generic by design so any app can read them. Happy to coordinate so Hive Mind and AgentScore use the same canonical set rather than fragmenting.

On has alias - there’s already same as on mainnet (minted it last week after a similar question from Kylan). It handles the mutable-handle / immutable-ID case: [x.com/handle] - same as - [x.com/i/user/123]. Survives handle changes. That might cover what you had in mind for alias.

The one thing I’d push on, regardless of which predicates win: the Snap should filter every claim by trusted publisher address before display. A claim type like “reported for Scam” is only as good as who published it - anyone can write that triple. Showing curator ENS names (as Kylan suggested) is the right instinct, but it should be a hard filter, not just a label. Otherwise the Snap becomes a vector for griefing - someone mass-tags legit contracts as Scam.

On scope creep - matt’s right. I’d start the Snap with two buckets only: safety (reported for) and identity (has x / website / etc). Behavioral tags (Whale, Diamond Handed) are genuinely interesting but they need programmatic curators with reliable methodology first, otherwise they’re noise. Ship the two reliable buckets, add behavioral once there’s a curator actually producing it well.

Happy to share term_ids for any of the above - most are minted, the identity set is in progress and going into the next Intuition Ontology PR.

Most important?

Security-related claims for sure.

CAVEAT BEFORE I DIVE IN HERE: ‘important’ and ‘viral’ / ‘things that might get PMF’ may be two totally separate things. I think the ecosystem needs better security now more than ever, so I’d argue that these security use cases are the most important - and probably the easiest sell to other wallets to natively integrate / the best way to prove the value of Intuition and the snap - BUT there might be other, more viral use cases like the ‘aliasing’ / ‘naming’ use case that might get more traction in the immediate term…

But, here, I’ll just focus on ideating on the security front @smilingkylan :

--

Permissioned Security Claims

In addition to the ones you’ve mentioned, I think something along the lines of - Audited / Audited by X / Here is the Audit Report / Audit Report Date / etc. would be very valuable.

And then working with auditors to get these claims posted - maybe even programmatically at the end of an audit.

In our convos with auditors, they seemed interested in doing this to get the free publicity / marketing of having their name up on the screen with every transaction is made (if you go the ‘Audited by X’ route)

You could work with the auditors specifically, to ensure that only claims coming from THEIR addresses show up in the Snap (i.e. Audited by Consensys Diligence - only shows up if there is TRUST on the Claim from one of the official Consensys Diligence wallets, etc.)

Then, you could show these claims with a high degree of confidence and WITHOUT people needing to follow / trust people in Intuition - YOU are doing the curating, to make sure only good Claims show up…

Obviously against our general principles of permissionless claiming / decide who to trust, but I do think this would be a good place to start, to prove out the use case / showcase the utility / remove the friction of people needing to decide if they trust the people making the claims…

--

Semi-Permissionless Security Claims

Auditor claims is the easiest / most centralized - one level further out on the decentralization spectrum could be some set of whitelisted addressess, maybe even curated by the community and/or via claims on Intuition, that allows a set of non-auditor, security-minded folks to attest to the security of things - again removing the need for people to ‘trust the attestors’, and rather placing the trust in the curators of the attestor set.

--

Permissionless Security Claims

The easiest approach, but feels the most flimsy. Let anyone claim anything about anything and show it all, and place the burden of interpretation on the user.

--

I think all 3 of these could co-exist alongside one another, and you could just segregate them accordingly, so it’s easy for users to dicscern ‘hey this is from a trusted auditor’, ‘hey this is from this broader group of white hats’, ‘hey this is just from the community’, etc…

Just a heads up that I submitted a “draft” to the MetaMask Snap team yesterday to get it out in front of you guys since asking people to download a special version of MM (Flask), download a repo and run it, then install the Snap, etc is a complete hassle. The idea is to get feedback and hopefully the next submission is the official v1.

If you want to do a deep dive into the Snap here is the source code (MetaMask require the source code to be public)

Here is what I submitted. Screenshots at bottom of post for reference

Snap UI — what shows, and where

The panel has two pages and inspects two subjects.

What each page shows

Primary page

Three mutually-exclusive branches, top to bottom:

Normal (has content to show on the primary page)

1. Subject cards — address-first, unless only the Domain has a critical report
   • Address card: Destination heading → account type → critical reports → safety flags → provenance → your take → people you follow
   • Domain card: Domain heading → critical reports → your take
2. “Transaction initiated from Hive Mind” line (first-party extension origins only)
3. “More info” button (if extra content exists)
4. Footer: one action link per subject

Empty (nothing from your network to show on the primary page)

1. “No signals yet” notice + account type + contribute nudge
2. “N public claims from outside your network” + “More info” button (if public claims exist) — public claims are never shown on the primary page, but this teaser signals that the More info page has content
3. Footer

Promote (nothing to show on the primary page, but there IS more-info content)

• The “more” cards are pulled forward and shown on the primary page instead of behind a button
• Footer follows (no button)

More info page

1. Address card (2nd-degree safety + demoted/2-hop familiarity)
2. Domain card (non-critical safety + familiarity)
3. Public claims — address
4. Public claims — domain
5. “Back” button

The “unverified · anyone can post” caveat appears on the first public-claims block only.

The rules that decide what’s shown

1. Is the subject suppressed? (skip everything below if yes)

2. Does the subject have an atom + is the feature on?

Safety, familiarity, and public claims only run when the subject has an Intuition atom. The 2-hop network also requires EXTENDED_NETWORK_ENABLED and a non-empty trust circle. EXTENDED_NETWORK_ENABLED can be flipped to false once the network no longer needs 2-hop network claims.

3. Safety gating — who has to vouch for a signal to surface

Each claim is classified by its predicate and gated by who’s asserting it:

Provenance answers “who is behind this address?” — who created, audited, or is associated with it. It is background context about the entity’s identity and history, not a safety warning.

Alert severity:

• Red (critical): hard lane + whitelisted authority + critical-severity object
• Yellow (warning): hard lane but non-critical (trust-circle report, or authority asserting a non-critical object), or soft flag from a follow or 2-hop contact

Key rules:

• A friend-of-a-friend (degree-2) can never un-suppress a hard report or make it critical.
• A hard report from a follow (not an authority) shows as a non-critical flag.
• Anonymous claims (no whitelist / circle / extended tie) are dropped entirely.
• Positive tags (trustworthy, bullish, etc.) are not safety — they flow through familiarity.

What objects are critical (hard lane, authority-backed): scam, phishing, drainer, honeypot, exploit, sybil

What objects are warnings (hard lane, non-critical): spam, injection, botReport

Open question: Should additional object types be classified as warnings?

What objects are soft flags (trust-circle/2-hop only): suspicious, malicious, scammer, impersonation, bot

4. Tier placement — primary page vs. “More info”

The Domain card is asymmetric: only its critical banner shows on the primary page. All other Domain safety and familiarity live behind “More info”.

One home per claim: a claim shown by safety is excluded from familiarity; safety/familiarity/self claims are excluded from public claims. Public claims are sorted by stake, capped at 3 per subject.

5. Which branch?

Has anything to show on the primary page?
├── yes → Normal branch (+ "More info" button if extra content or public claims exist)
└── no  → Has more-info or public claims content?
          ├── yes → Promote branch (show 'more' cards on the primary page, no button)
          └── no  → Empty branch

Examples

Feature flags

These example screenshots don’t show Site / Domain claims because it would have taken more work and those sections more or less look identical to the address claims.

Different alert levels when I set smilingkylan.eth as an authority712×1134 71.1 KB

"More info" page example, note that public claims show market cap684×620 31.1 KB

Also @billy let me know if you’re willing to connect me with some of the auditors or any other professionals who may find our software useful. I was worried we wouldn’t be able to find anyone who’d want to try playing around with our tool but if some people want to get ahead of the curve and are interested then it’d be great if I could get some feedback from them and even let them start playing around with the Hive Mind tools.

I had also held off on making YouTube videos until I had a working version of the Snap since claim creation isn’t as compelling unless users see insights from Intuition in their normal crypto transaction flow. This Snap completes the loop and I’ll be making videos and writing articles this week.