How We Score
BRAF Methodology
The Bitcoin Risk Assessment Framework — a custom 5-dimension scoring model designed for the unique characteristics of a decentralized, adversarial network.
Why Not Standard FMEA?
Classic FMEA (Failure Mode and Effects Analysis) was designed for manufacturing processes with predictable failure modes. Bitcoin has properties that standard FMEA does not capture well:
- Adversarial failures — attacks, not just accidents. The adversary is rational and well-funded.
- Irreversibility asymmetry — some failures are existential, others recover in hours.
- Speed matters — a slow-moving quantum threat is fundamentally different from an instant exploit.
- Distributed detection — sometimes the whole world sees the failure in real time; sometimes an attacker exploits it silently for years.
Standard FMEA's three dimensions (Severity × Occurrence × Detection) don't capture speed or permanence. We added two dimensions and recalibrated the formula accordingly.
The Five Dimensions
| Dim | Name | What It Measures | Scale | Higher = ? |
|---|
| S |
Severity |
Impact on Bitcoin's core properties: immutability, decentralization, scarcity, censorship resistance, security |
1–10 |
Worse |
| P |
Probability |
Likelihood of occurrence within a 10-year window |
1–10 |
Worse |
| D |
Detectability |
How covert the failure is. Inverted from standard FMEA — higher means sneakier |
1–10 |
Worse (sneakier) |
| R |
Reversibility |
Permanence of damage once the failure occurs |
1–10 |
Worse (more permanent) |
| V |
Velocity |
Speed of cascade once the failure is triggered |
1–10 |
Worse (faster) |
The BRPN Formula
BRPN = S × P × ( (D + R + V) / 3 )
Why this formula?
- S and P multiply — a high-severity, high-probability risk is catastrophically elevated. A catastrophic but near-impossible risk scores lower than a moderate but likely one.
- D, R, V average — they characterize the nature of the risk without over-penalizing on any single axis. A risk that's instantly detectable, fully reversible, and slow-moving scores much lower than one that's covert, permanent, and fast.
- Range 1–1000 — same theoretical range as classic RPN, familiar to risk practitioners.
Realistic Bitcoin risks score between 80 and 280 — no entry in our dataset currently reaches 300+, which would require simultaneously maximal severity, high probability, and poor characteristics across all three secondary dimensions.
Risk Tiers
| Tier | BRPN Range | Description |
|---|
| 🔴 Critical |
250 – 1000 |
High severity AND high probability, poorly characterized (covert, permanent, or fast). Demands immediate attention and active mitigation. |
| 🟠 High |
150 – 249 |
High severity with moderate probability, or moderate severity that is hard to detect or reverse. Requires monitoring and planned mitigations. |
| 🟡 Medium |
75 – 149 |
Meaningful risk that warrants awareness and periodic review. Not immediately alarming but should not be ignored. |
| 🟢 Low |
1 – 74 |
Well-controlled, low probability, or low severity. Monitor occasionally. |
Scoring Anchors
To ensure consistency across entries, each dimension uses calibrated anchors:
Severity (S)
- 1–2: Temporary degradation, no lasting impact
- 3–4: Noticeable impairment, days/weeks to recover
- 5–6: Core property compromised, months to recover
- 7–8: Fundamental property severely compromised
- 9–10: Existential — Bitcoin ceases to function as designed
Probability (P) — 10-year window
- 1–2: Theoretical — doesn't exist yet
- 3–4: Possible but requires extraordinary conditions
- 5–6: Plausible given current trajectory
- 7–8: Likely if current trends continue
- 9–10: Near-certain absent intervention
Detectability (D) — inverted
- 1–2: Immediately visible to all participants
- 3–4: Detectable by monitoring within hours
- 5–6: Requires forensic analysis, days to detect
- 7–8: Covert for weeks or months
- 9–10: Potentially undetectable until catastrophic
Reversibility (R)
- 1–2: Fully recoverable, no lasting damage
- 3–4: Mostly recoverable with effort
- 5–6: Partial recovery, some permanent damage
- 7–8: Largely irreversible, significant impairment
- 9–10: Irreversible catastrophic damage
Velocity (V)
- 1–2: Slow burn — years to fully manifest
- 3–4: Gradual — months to develop
- 5–6: Moderate — weeks
- 7–8: Fast — days to hours
- 9–10: Instantaneous cascade — minutes or less
Scope: Bitcoin Layer 1 Only
This FMEA covers Bitcoin's base layer protocol only (L1). The following are explicitly out of scope for v1:
- Lightning Network and other Layer 2 solutions
- Exchange and custodian risks
- Individual wallet security
- Market / price risks