IntoCode just launched as an independent engineering review for Bittensor subnets. It reads a subnet’s actual source code, runs it through a structured analysis process, and publishes a verdict graded on the quality of the engineering rather than on emission, market cap, or token price.
Subnet teams get a private disclosure of any exploitable findings and a seven-day window to respond or fix what was found before anything goes public. The first review’s right-of-reply went out first, with public publications in pipeline.
From Code to Verdict
IntoCode is the second engine inside IntoTAO, the research desk vaNlabs runs for Bittensor. The first engine writes research articles for each subnet, but this one (IntoCode) grades the code behind them.
How a review actually runs:
1. It reads the real source. The engine clones the subnet’s repository at a specific commit and locks that version in place. Every finding ties to a specific line of code at that commit, so reviews can be checked and re-run rather than taken on faith.
2. It checks the code against what the chain enforces. The engine pulls the subnet’s live on-chain configuration and grades against the rules the subnet is genuinely running, not against documentation or defaults.
3. It separates evidence from interpretation. Automated tools gather facts first; specialist reviewers interpret those facts second. Any claim that does not point to a real line of code in the repository is dropped.
4. It refuses to grade on market signals. The engine is built so reviewers cannot justify scores using emission, market cap, or token price. A market-based justification gets rejected automatically.
5. It gives subnet teams a private disclosure first. Anything exploitable goes to the team privately. Public reports never include the location of a live secret or active vulnerability.
6. It runs through a human gate before publishing. Every review lands as a draft for human review and audit before reaching the public surface. The subnet team also gets seven days to respond, correct the record, or fix the issue and request a re-review.
Each review produces one composite score blending engineering quality, Bittensor mechanics, and project health, mapping to one of four tiers from Nascent to Best-In-Class.
Reviews are signed and timestamped by the engine itself, with public keys openly published so the record can be verified rather than trusted on assumption.
Reading Code, Not Charts
The gap IntoCode targets is the one Bittensor has lived with since launch: Market metrics tell the world what a subnet earns but say nothing about whether the engineering underneath actually works. A subnet can carry strong emission with a placeholder reward function copied from a template. A small subnet can ship excellent code and get no signal. The chart never showed the difference. IntoCode does.
The first review is free to read at launch, with further publications gated behind a subscription. For subnet teams, the offer is an independent look at the code with a free private disclosure of anything exploitable, a real chance to respond, and a record signed by the engine that did the work.
For everyone else, it is finally a way to ask “is this subnet well-built?” and get an answer rooted in the code rather than the market.
Enjoyed this article? Join our newsletter
Get the latest TAO & Bittensor news straight to your inbox.
We respect your privacy. Unsubscribe anytime.
Be the first to comment