Trust Network System
The Trust Network is SYNTHET's intelligent member risk assessment engine. It analyzes new members across four processing layers to determine trust scores, assign risk classes, and trigger appropriate enforcement actions automatically.
The Four Processing Layers
The Trust Network processes every member join event through four sequential layers, each adding intelligence to the final decision:
1Local Signals
Analyzes the Discord account itself: account age, avatar presence, username patterns, default avatar, server history, and past behavior. Generates a base risk score.
2Network Signals
Correlates with other members: is this account in the same servers as known bad actors, linked to previous raid accounts, or part of a join storm. Adds contextual risk factors.
3Decision Engine
Combines local and network scores with your server's enforcement profile to determine the risk class (CLEAN, WATCH, QUARANTINE, BLOCK) and required verification level.
4Action Orchestrator
Executes the decision: assigns roles, creates verification challenges, logs to mod channels, or automatically blocks/kicks the member. All actions are reversible and auditable.
Risk Classes & Thresholds
Every member is assigned one of four risk classes based on their combined risk score (0-100). Each class triggers different enforcement actions:
CLEAN
Low-risk account. Trusted account age, complete profile, no red flags. Granted full access immediately. No verification required.
WATCH
Moderate risk. New account or minor suspicious patterns. Granted access but monitored closely. Optional soft verification. Elevated permissions (DM, reactions) may be restricted temporarily.
QUARANTINE
High risk. Very new account, join storm member, or network red flags. Restricted channel access and message permissions. Required to complete verification challenge before full access.
BLOCK
Critical risk. Known bad actor, multiple raid flags, or blacklist match. Automatically blocked from the server or kicked immediately. Requires admin review to reverse.
How Risk Scoring Works
Risk scores combine two components into a final composite score:
Local Score (0-70 points)
Calculated from account-specific factors:
- •Account Age: Newer accounts add more risk (brand new = +40, 30 days old = +10, 90+ days = 0)
- •No Avatar: +15 points
- •Default Avatar: +8 points
- •Suspicious Username: Pattern matching for numbers/random chars adds +10
- •Bio/Status Missing: +5 points
Network Score (0-30 points)
Calculated from server and network context:
- •Join Storm Detection: Multiple accounts joining within minutes adds +15
- •Known Bad Actor Network: If in same servers as flagged accounts, +20
- •Previous Raid Connection: Correlated with past raid member, +25
- •Shared IP/Device: Same join IP as recent problem member, +10
Final Risk Score
risk_score = local_score + network_score
Results in a 0-100 composite score. Enforcement Profile thresholds determine which risk class the score falls into, allowing you to adjust sensitivity globally.
Enforcement Profiles
Enforcement profiles are presets that adjust the threshold boundaries for risk classes, letting you choose your server's overall trust posture:
BALANCED (Recommended)
Default profile. Moderate protection without excessive false positives. Good for most servers.
CLEAN: 0-30 | WATCH: 31-50 | QUARANTINE: 51-75 | BLOCK: 76+
STRICT
Aggressive protection. Lower thresholds push more members into QUARANTINE. Best for high-value servers or during active raids.
CLEAN: 0-20 | WATCH: 21-40 | QUARANTINE: 41-70 | BLOCK: 71+
LENIENT
Minimal friction. Higher thresholds mean more members skip verification. Best for open communities or during normal times.
CLEAN: 0-40 | WATCH: 41-60 | QUARANTINE: 61-80 | BLOCK: 81+
CUSTOM
Set your own thresholds. Advanced configuration for fine-tuned control over each risk class boundary.
Define 3 breakpoints to divide 0-100 score into 4 classes
Shield Mode: Automatic Escalation During Raids
When a raid is detected (multiple high-risk joins in short timeframe), the Trust Network automatically escalates through Shield Mode levels to increase protection:
1NORMAL
Default state. Standard enforcement profile active. Verification requirements as configured.
2ELEVATED
Triggered when 5+ risky joins detected in 2 minutes. Threshold shifts to STRICT automatically. Member cap may be enabled. Captcha verification becomes mandatory.
3SHIELD_ACTIVE
Triggered when 10+ risky joins in 5 minutes or continued escalation. Joins are automatically kicked/blocked instead of quarantined. Server enters lockdown. Moderators alerted for possible active raid.
4COOLDOWN
After raid threat passes (no risky joins for 15 minutes), system gradually downshifts to ELEVATED then NORMAL. Time to review quarantined members and take action before re-opening.
Verification Challenge Types
Quarantined members can verify identity through different challenge types. Choose by risk level:
SOFT_CHECK
Low friction. Member clicks "I'm not a bot" button. Logs verification. Suitable for WATCH members.
VOUCH
A trusted member vouches for the new member. Requires sufficient vouch level (V1+). Proof of offline connection or friend.
CAPTCHA
Google reCAPTCHA challenge. Blocks bots effectively. Suitable for QUARANTINE members during normal times.
RULES_ACK
Member acknowledges they've read the rules by clicking buttons. Encourages rule awareness. Good friction/security balance.
PUZZLE_PICK
Member solves a simple puzzle (find the emoji, match pattern, etc.). Proves human interaction. Used during raids.
MANUAL_REVIEW
Staff manually reviews the member. Ticket created in staff channel. Used for edge cases or critical accounts.
Vouch System
Members earn vouch levels over time, allowing them to verify new members they know:
V0 (No Vouches)
New members. Cannot vouch for others. Must wait for reputation to grow.
V1 (Emerging Trusted)
After 7 days + 10 messages. Can vouch for 1 member per week. Limited influence.
V2 (Community Member)
After 30 days + 50 messages. Can vouch for 3 members per week. Clear reputation.
V3 (Trusted Role)
After 90 days + 200 messages OR explicit role assignment. Can vouch for unlimited members. Staff endorsement weight.
Vouching creates a verification claim. If the vouched member later causes problems, the voucher's reputation may be affected.
Appeal System for Falsely Flagged Members
Legitimate members can appeal quarantine or block decisions:
How to Appeal: Quarantined members see an "Appeal" button on their verification panel. They can submit a brief statement explaining their account.
Review Process: Appeals queue in the dashboard Appeals tab. Staff review within 24 hours and either Approve (remove quarantine) or Deny (maintain quarantine with optional note).
Appeal Limits: Each account gets 3 appeals before further appeals require staff pre-approval. Prevents spam.
Staff Actions: Staff can provide custom rejection reasons (e.g., "Account too new", "Shared IP with raider"). Appeals are logged for audit trail.
Bot Usage: No Commands Required
The Trust Network is fully event-driven. When members join, the system automatically evaluates them and takes actions. Your moderation team never needs to run slash commands.
Moderator Action Buttons in Mod Log
When a decision is made, a decision card appears in your mod log channel with action buttons:
Remove quarantine role, grant full access. Use when member proves legitimacy.
Upgrade action to kick or ban. Use when member violates rules while quarantined.
Send verification challenge. Use to recheck member with different challenge type.
Create appeal ticket for member review. Use when member manually appeals decision.
No Configuration Needed: Once enabled in the dashboard, the Trust Network runs completely automatically. Members are evaluated, actions taken, and decisions logged without staff intervention.
Dashboard Usage: Complete Control Center
Navigate to Security → Trust Network in the dashboard to access six comprehensive tabs:
Overview Tab
High-level metrics and trends:
- •Stat cards: Decisions made today, active quarantines, blocks, active incidents, pending appeals
- •Risk distribution chart (pie/bar) showing breakdown of CLEAN vs WATCH vs QUARANTINE vs BLOCK
- •Recent decisions table with member, risk score, action taken
Settings Tab
Configure enforcement and behavior:
- •Mode selector: OFF / LOCAL_ONLY / CONSUME_ONLY / FULL
- •Enforcement profile: BALANCED, STRICT, LENIENT, CUSTOM
- •Threshold sliders: Adjust breakpoints for risk classes (CUSTOM mode)
- •Toggle switches: auto-shield, auto-quarantine, ban automation
- •Channel/role selectors: Mod log channel, quarantine role, trusted role bypass
Decisions Tab
Review all member evaluations:
- •Searchable table: Filter by member name, ID, risk class, date range
- •Detailed view: See local_score, network_score, risk_score, action taken
- •Revert capability: Undo quarantine/block actions (creates audit log entry)
Incidents Tab
Track active and historical raid events:
- •Active incidents list: Shows Shield Mode state (NORMAL/ELEVATED/SHIELD_ACTIVE/COOLDOWN)
- •Incident severity: Low/Medium/High/Critical based on join patterns
- •Timeline view: When incident started, escalations, when resolved
Appeals Tab
Manage member appeals:
- •Pending appeals queue: Shows member, reason, submit time
- •Approve/Deny actions: Quick buttons to make decisions
- •Custom rejection reason: Explain why appeal was denied (sent to member)
Audit Tab
Complete action history:
- •Full action log: Every decision, revert, appeal, staff action timestamped
- •Filtering options: By action type, member, staff actor, date range
- •Export capability: Download audit trail for compliance
Configuration Example: Balanced Setup
Here's a recommended starting configuration for most servers:
Mode: FULL
Enforcement Profile: BALANCED
Auto-Shield: Enabled (5+ risky joins in 2 minutes = ELEVATED)
Auto-Quarantine: Enabled for QUARANTINE class members
Ban Automation: Disabled (manual review preferred for BLOCK members)
Quarantine Role: @Unverified
Verification Challenge: CAPTCHA for QUARANTINE, SOFT_CHECK for WATCH
Mod Log Channel: #security-log