By AUJay
Summary: Most “bot scoring” today stops at blacklists and heuristics. This playbook shows how to build an onchain “credit score for bots” that turns raw transaction history into production controls—wallet permissions, paymaster pricing, pool‑level policies, and Telegram mini‑app risk gates—without leaking PII, using ZK attestations and post‑Pectra account features.
Audience: Heads of Risk/Trust & Safety, DeFi Product Leads, TON Mini‑App GMs, and Procurement teams under MiCA/Travel‑Rule pressure who need measurable ROI from bot controls across Ethereum L2s and TON.
Building the “Credit Score” for Bots: Onchain History Analysis Tools
Hook — Your app is drowning in “good” bots and “bad” bots. The chain won’t tell you which is which.
- Telegram/TON made bots mainstream; trading and mini‑app agents now drive outsized chunks of on‑chain activity, spiking and then decaying with hype waves. In April 2025, a single Telegram trading bot suite accounted for roughly a quarter of TON volume; daily interactions then fell >75% within weeks. This is normal—and crippling—if you don’t have risk‑aware throttles. (ccn.com)
- On Ethereum, private order flow and account upgrades changed the ground truth for behavior analysis: since 2024, private transactions jumped from ~15% of blocks to much higher by gas share, and Pectra (May 7, 2025) shipped EIP‑7702 so EOAs can temporarily act like smart accounts. Your historical models must now see around private flow and new delegation patterns. (coindesk.com)
Result: eligibility lists, airdrops, points, LP incentives, even subsidized gas are distorted by industrial‑scale bot farms gaming your rules.
Agitate — The risks are not theoretical; they are dated and quantified.
- Airdrop Sybil reality check: LayerZero’s 2024–2025 program flagged ~803k addresses after a self‑reporting phase; activity on the protocol dropped from ~300k to ~50k messages/day post‑announcement. Without proactive scoring, your GTM metrics will misread “growth.” (cointelegraph.com)
- Research caught up: 2025 subgraph‑feature + LightGBM and graph‑propagation pipelines exceeded 0.9 AUC/F1 on Sybil datasets—usable, explainable, and production‑ready today. (arxiv.org)
- Post‑Pectra wallet delegation risk: new EIP‑7702 patterns enable off‑chain signature‑driven delegation. If your signer prompts and policy engines don’t interpret 7702 semantics, phishing drains can bypass your scoring gates before you ever see a first onchain tx. (blog.ethereum.org)
- Private order flow challenges: with 10–15%+ of Ethereum transactions routed privately (and in some measures ~50% of gas share), mempool‑visible heuristics (timing, back‑runs) are incomplete. You need OFA‑aware telemetry and cross‑builder signals. (blocknative.com)
- Compliance clock: MiCA stablecoin titles went live June 30, 2024; full CASP rules from December 30, 2024; national transitional windows end by July 1, 2026. Procurement now asks for Travel‑Rule‑aligned controls and explainable risk scoring. (innreg.com)
Miss these shifts and you’ll: miss delivery dates, over‑incentivize farmed users, under‑price paymaster risk, and invite regulatory scrutiny on your AML controls.
Solve — 7Block Labs’ methodology for a bot “credit score” that your business can price, gate, and audit
We build a production‑grade “Bot Credit Score” pipeline that transforms raw, cross‑chain history into enforceable policies across Ethereum (v4 hooks, 4337/7702 wallets) and TON Mini‑Apps—while keeping user PII off‑chain via attestations and ZK proofs.
- Data backbone that reflects 2025–2026 realities
  - Cross‑source ingestion
    - Onchain: execution traces, ERC‑20/ERC‑721 flows, pool events (Uniswap v4 hooks), private‑tx landings, and EAS/EVM attestations. (uniswapfoundation.org)
    - Offchain/para‑chain: TON wallet/activity snapshots for Telegram Mini‑Apps. (ton.org)
    - Risk/compliance overlays: MiCA/Travel‑Rule policy catalogs to map scores → action. (dotfile.com)
  - Fresh analytics primitives
    - Flipside’s 2026 Flipspace “anti‑sybil screening” and standardized EVM tables; Bitquery v2 GraphQL for fast actor‑centric joins. This reduces your query MTTI and makes repeated model training cheaper. (docs.flipsidecrypto.xyz)
- Feature engineering tuned to bots post‑Pectra and across private flow
  - Temporal lifecycle signals
    - First gas acquisition timing, faucet/bridge clustering, “campaign window” tightness, account dormancy gaps, and L2 hop cadence. (Matches 2025 subgraph+temporal wins.) (arxiv.org)
  - Structural graph signals
    - Two‑layer ego subgraph motifs: shared funders, shared exit sinks, DEX pool‑side routing motifs, repeated pool‑init hooks, and “just‑in‑time” LP adds in v4. (arxiv.org)
  - Execution context signals
    - Private vs public settlement, OFA route metadata, builder diversity, revert patterns; integrate Blocknative “Transaction Boost” observability so private flow still yields modelable hints. (blocknative.com)
  - Wallet semantics (post‑Pectra)
    - 7702 delegation bursts, session‑key scope churn, ERC‑7710 delegations, ERC‑5792 batch patterns; anomalies like sudden delegate swaps across chains. (docs.erc4337.io)
- Models you can explain to a risk committee
  - Gradient‑boosted trees (LightGBM/XGBoost) with SHAP for top‑driver visibility (e.g., identical gas top‑ups across 200 wallets in 20 minutes; synchronized claim/withdraw). Benchmarked against 2025 academic baselines. (arxiv.org)
  - Optional federated learning for partner ecosystems (DFL approach) so exchanges, wallets, and mini‑apps train locally without sharing raw PII/PII‑adjacent telemetry. (arxiv.org)
- Privacy‑preserving scoring distribution
  - Publish only the score and class (or tiered policy) as an attestation using EAS; keep labels private. Supports revocation and versioned schemas, with >8.7M attestations already on EAS networks. (attest.org)
  - Optional ZK proofs via Sismo/Polygon‑ID‑family issuers for “compliance‑OK” badges without doxxing. (ZK age/country/compliance attestations are live across ecosystems.) (docs.sismo.io)
  - For Solana, leverage the 2025 Solana Attestation Service (SAS) for reusable KYC/eligibility marks when bridging or running omnichain campaigns. (onchainkyc.me)
- Make the score do real work (policy glue)
  - Wallet‑level (AA + 7702)
    - Price gas sponsorship by score with ERC‑4337 Paymasters; cap session‑key scopes for medium‑risk bots; require human‑verified approvals for high‑risk. Reference wallet policy patterns (ERC‑5792/7710) ensure UI transparency for Procurement/security. (docs.erc4337.io)
  - DEX/pool‑level (Uniswap v4 hooks)
    - Gate liquidity mining, dynamic fee bands, or slip caps by score via hooks; orchestrate policies using the emerging Hook Manager Framework for auditability. This is production‑grade today across 12+ v4 deployments. (uniswapfoundation.org)
  - Order‑flow routing
    - Route low‑score flow to MEV‑protected RPCs with limited backrun rebates; route high‑score to OFAs for maximum rebates. Blocknative’s Transaction Boost lets you do this and still observe status. (blocknative.com)
  - Telegram/TON mini‑apps
    - Require “Uniqueness/Compliance” attestations for reward tiers; throttle point issuance by score; auto‑flag ring behaviors tied to shared sign‑in devices or custodial sweep sinks, mapped to TON’s DAU/WAU patterns. (ton.org)
- Controls for the new 7702 threat window (security meets UX)
  - Implement explicit “delegation” prompts and spend caps; adopt session‑key policies that expire fast; and validate delegate code fingerprints. These are now table‑stakes after Pectra’s EIP‑7702 rollout. (blog.ethereum.org)
  - If you need a blueprint, our minimal‑trust 7702 session‑key module shows EIP‑712‑scoped permissions, per‑tx caps, ERC‑1271 signing, and ERC‑7821‑style batching. Plug this into risk‑tiered policies. (7blocklabs.com)
- Compliance and procurement alignment
  - Score documentation includes model card, schema hash, training data windows, and calibration plots. Map score thresholds to MiCA/Travel‑Rule policies and exception workflows that Procurement can audit. (dotfile.com)
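To make the shared-funder and "identical gas top-ups within 20 minutes" signals from the feature-engineering list concrete, here is an added example (not 7Block Labs' pipeline code) that derives them from each wallet's first inbound gas transfer. The feature names, the input tuple layout and the sample rows are assumptions constructed for illustration; the resulting columns are the kind of input a gradient-boosted model would train on.

```python
from collections import defaultdict

# Constructed sample data: each wallet's first inbound gas transfer as
# (funder, wallet, amount_wei, unix_ts). Addresses are shortened placeholders.
FIRST_FUNDING = [
    ("0xF1", "0xa1", 2_000_000_000_000_000, 1_700_000_000),
    ("0xF1", "0xa2", 2_000_000_000_000_000, 1_700_000_240),
    ("0xF1", "0xa3", 2_000_000_000_000_000, 1_700_000_600),
    ("0xF1", "0xa4", 2_000_000_000_000_000, 1_700_001_100),
    ("0xF1", "0xa5", 2_000_000_000_000_000, 1_700_090_000),  # same funder, a day later
    ("0xCEX", "0xb1", 51_300_000_000_000_000, 1_700_000_100),
    ("0xCEX", "0xb2", 7_920_000_000_000_000, 1_700_000_500),
]

def largest_burst(events, window_s):
    """Largest run of (ts, wallet) events that fits inside window_s (two-pointer scan)."""
    events = sorted(events)
    best, lo = [], 0
    for hi in range(len(events)):
        while events[hi][0] - events[lo][0] > window_s:
            lo += 1
        if hi - lo + 1 > len(best):
            best = events[lo:hi + 1]
    return best

def funding_features(first_funding, window_s=20 * 60):
    """Per-wallet features: funder fan-out, same-amount burst size, burst span."""
    by_funder = defaultdict(set)
    by_funder_amount = defaultdict(list)
    for funder, wallet, amount, ts in first_funding:
        by_funder[funder].add(wallet)
        by_funder_amount[(funder, amount)].append((ts, wallet))
    feats = {}
    for funder, wallet, _amount, _ts in first_funding:
        feats[wallet] = {"funder_fanout": len(by_funder[funder]),
                         "burst_size": 1, "burst_span_s": 0}
    # A burst is several wallets receiving the identical amount from one funder
    # inside the window; a lone transfer keeps the defaults set above.
    for group in by_funder_amount.values():
        burst = largest_burst(group, window_s)
        if len(burst) < 2:
            continue
        span = burst[-1][0] - burst[0][0]
        for _, wallet in burst:
            feats[wallet].update(burst_size=len(burst), burst_span_s=span)
    return feats
```

An exchange hot wallet also shows high fan-out, which is why fan-out alone is a weak signal and the same-amount burst columns carry the weight in this sketch.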
Where we implement
- Strategy + build: see our web3 development services and blockchain development services.
- Risk hardening: add security audit services for hook/7702/paymaster code and blockchain integration for OFAs, EAS, and ZK issuers.
- Cross‑chain risk rails: unify policies across L2s and TON via cross‑chain solutions development.
- Productization: package as a gating layer in your dApp development or DeFi development services, and harden smart‑contract development.
Prove — GTM metrics we align to (and the baselines that justify them)
What you can measure in 30–90 days:
- Acquisition quality
  - Reduce “incentive leakage” from farmed cohorts by 35–60% using score‑tiered rewards and proof‑of‑uniqueness badges (SAS/EAS/Sismo); LayerZero’s real‑world drop in raw activity post‑Sybil program shows how much noise you can remove. (unchainedcrypto.com)
- MEV cost recovery
  - 5–15% net improvement in execution quality on scored “trusted” order flow via OFA routing; private tx share and OFA maturity make this repeatable rather than anecdotal. (blocknative.com)
- Policy acceptance vs. friction
  - Maintain <2% additional fail rate at checkout/on‑ramp by using ZK attestations (no PII uploads), while still meeting MiCA/Travel‑Rule audits. (docs.sismo.io)
- TON mini‑app retention
  - +8–12% Day‑7 retention in points/rewards flows after detuning farm loops based on subgraph lifecycle features; aligns with observed volatility in bot‑driven interaction spikes. (ccn.com)
- Fraud loss avoidance
  - Proactive detections based on Forta‑class signals often catch exploits pre‑loss; 43 pre‑empted attacks were reported in H1 2024 alone—tie your score to automatic “circuit breakers.” (forta.org)
We present Procurement a one‑page “Risk to ROI” map: model KPIs (AUC, precision@k), policy actions, user friction deltas, and compliance mapping with change‑control.
Practical examples (ship now)
- Uniswap v4: score‑aware hooks
  - Use the Hook Manager pattern to:
    - Deny pool join for “red” scores during volatile windows,
    - Tighten fee bands for “yellow,”
    - Enable full LP automation for “green.”
  - Publish reversible EAS attestations of pool‑policy outcomes for audit. v4 is widely deployed and growing; the ecosystem’s policy orchestration RFC gives you a credible path to governance and audits. (uniswapfoundation.org)
- 4337/7702 wallets: priced paymasters and safe sessions
  - Implement tiered sponsorship: green ≤$5 per‑tx, yellow ≤$1, red requires self‑funding.
  - Enforce session keys with ERC‑7710/5792 scopes and 24‑hour expiry; warn on high‑risk 7702 delegate codehashes. Reference docs and vendor kits exist; treat this as “permissions middleware.” (eips.ethereum.org)
- Telegram/TON mini‑app: ZK‑gated rewards
  - Require a “uniqueness” + “region” ZK credential for tier‑2 rewards; throttle per‑device issuance; flag rings via shared sweep sinks. Tie this to public TON DAU/WAU telemetry so you can forecast lift vs. bot drag. (ton.org)
- Private flow observability: stop flying blind
  - Integrate Blocknative’s Transaction Boost across Protect/OFA endpoints to keep real‑time status while sending privately. Now your scoring can include “builder diversity,” “revert avoidance,” and “settlement latency” as positive traits. (blocknative.com)
- Anti‑Sybil modeling: ship the 2025 winners
  - Build a LightGBM model on two‑layer subgraphs with temporal lifecycle features; aim for >0.9 AUC on your historical labels; calibrate to 1–3 score tiers that map cleanly to policy. Start with Flipside’s standardized EVM tables and Flipspace “anti‑sybil” solutions to compress data prep time. (arxiv.org)
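The wallet item in the list above combines three checks: a per-tier sponsorship cap, a 24-hour session-key limit, and a warning on risky 7702 delegates. The following added example (not 7Block Labs' module) sketches that off-chain policy decision. It recognises a delegated EOA by the EIP-7702 designator `0xef0100 || address` in the account code and, as a simplification, compares the delegate address against a hypothetical reviewed list instead of hashing the delegate's bytecode; `Request`, `decide` and the listed address are assumptions.

```python
from dataclasses import dataclass

DELEGATION_PREFIX = bytes.fromhex("ef0100")  # EIP-7702 delegation indicator
SPONSOR_CAP_USD = {"green": 5.00, "yellow": 1.00, "red": 0.00}  # tiers quoted above
MAX_SESSION_SECONDS = 24 * 3600                                  # 24-hour expiry
# Hypothetical reviewed-delegate list; the address is a constructed placeholder.
REVIEWED_DELEGATES = {"0x" + "11" * 20}

def parse_delegation(code: bytes):
    """Delegate address if `code` is a 7702 designator, else None."""
    if not code.startswith(DELEGATION_PREFIX):
        return None  # empty code (plain EOA) or ordinary contract bytecode
    if len(code) != 23:  # 3-byte prefix + 20-byte address
        raise ValueError("malformed EIP-7702 designator")
    return "0x" + code[3:].hex()

@dataclass
class Request:
    tier: str            # score tier read from the attestation
    sponsor_usd: float   # gas cost the paymaster is asked to cover
    session_ttl_s: int   # requested session-key lifetime
    account_code: bytes  # eth_getCode result for the sender

def decide(req: Request):
    """Return (sponsor, findings): whether the paymaster pays, plus findings."""
    findings = []
    cap = SPONSOR_CAP_USD.get(req.tier, 0.0)  # unknown tier fails closed
    sponsor = cap > 0 and req.sponsor_usd <= cap
    if not sponsor:
        findings.append("above tier cap: self-funding required")
    if req.session_ttl_s > MAX_SESSION_SECONDS:
        sponsor = False
        findings.append("session key outlives 24h policy")
    try:
        delegate = parse_delegation(req.account_code)
    except ValueError as exc:
        return False, findings + [str(exc)]
    if delegate and delegate not in REVIEWED_DELEGATES:
        findings.append(f"warn: unreviewed 7702 delegate {delegate}")
    return sponsor, findings
```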
Best emerging practices for 2026 planning
- Treat “score” as a product surface, not just a risk flag
  - Expose “why” via SHAP‑style drivers; allow user remediation (e.g., link older address via Sismo proof to lift score without doxxing). (docs.sismo.io)
- Separate “identity” from “behavior”
  - Use verifiable credentials (age/region/compliance) for legal gates; keep behavior‑based reputation on EAS. This keeps you aligned with MiCA/Travel‑Rule and internal data‑minimization policies. (dotfile.com)
- Design for intents, not clicks
  - As intent‑centric infra rolls out (Anoma’s adapters on Ethereum), your risk engine should capture solver choice, fulfillment quality, and privacy semantics—not just stepwise tx logs. (anoma.net)
- Don’t ignore v4 policy composability
  - Compliance and risk knobs belong in hooks with standard orchestration; this is where Procurement can audit code and Finance can model fee impacts. (gov.uniswap.org)
- Assume sophisticated private routing
  - Model private settlement as a first‑class feature; OFA selection and builder diversity are now part of “good bot” behavior in 2025–2026, not an anomaly. (blocknative.com)
Technical spec snapshot (what we’ll deliver)
- Pipelines and stores
  - Cross‑chain ETL (EVM + TON), feature store with 90‑day rolling windows, Snowflake/S3 targets; Flipside/Bitquery integrations. (docs.flipsidecrypto.xyz)
- Models
  - LightGBM + calibration; optional federated training; weekly backtests; model cards auto‑published to IPFS with schema hashes. (arxiv.org)
- Attestations and ZK
  - EAS schema for BotScore v1 (tiers + rationale hash); Sismo/Polygon‑ID issuer integration for compliance badges. (attest.org)
- Enforcement adapters
  - Uniswap v4 hooks (score gates, fee multipliers), 4337 Paymaster (tiered sponsorship), 7702 delegate guard (policy engine), OFA router (risk‑aware pathing). (uniswapfoundation.org)
If you need us to build or extend the product, we wrap this into your roadmap using our dApp development, DeFi development services, and smart contract development. For integrations, lean on blockchain integration and cross‑chain solutions development. For audits and policy hardening, add a pass with security audit services.
References that inform this approach (selected)
- Ethereum Pectra (mainnet May 7, 2025), EIP‑7702 smart‑account‑like EOAs, and EIP‑7251 validator changes. (blog.ethereum.org)
- Private order flow growth and observability via Blocknative Transaction Boost; OFA/Protect data. (blocknative.com)
- Uniswap v4 deployments, hooks, Unichain, and governance RFC for hook policy orchestration. (uniswapfoundation.org)
- TON ecosystem and Telegram mini‑app metrics shaping bot surfaces. (ton.org)
- LayerZero Sybil program and activity impact. (cointelegraph.com)
- Anti‑Sybil ML methods with subgraph features (2025). (arxiv.org)
- EAS adoption and attestations as public‑good infra. (attest.org)
- MiCA/Travel‑Rule timelines for procurement and compliance mapping. (dotfile.com)
- Flipside Flipspace (Jan 21, 2026) anti‑sybil and standardized EVM data. (docs.flipsidecrypto.xyz)
Personalized CTA
If you’re the person who signs off on risk budgets and shipping dates: book a 45‑minute working session with our core architects to map your current data exhaust to a deployable Bot Credit Score—complete with Uniswap v4 policy hooks, 4337/7702 paymaster pricing, and TON mini‑app reward gates. We’ll leave you with a one‑page KPI plan (leakage reduction, OFA routing uplift, retention delta) and a fixed‑scope build quote. This is precisely what our web3 development services + security audit services are optimized to deliver in under six weeks—so you can stop paying farms and start rewarding the right bots.

