Hook
A first-stage analysis returns with zero info points. No core views flagged. No protocols identified. The output is a polite refusal to proceed. I have seen this pattern twelve times in the past three months across five different research shops. Each time, the cause is the same: the analyst treated the data extraction phase as a box-ticking exercise, not as the foundation of a trade. My own P&L has a rule—if the first pass cannot produce at least three actionable information units, the thesis is dead. That rule has saved me roughly 18% of my portfolio over the last two years. An empty info point is not a glitch. It is a signal. And it tells you more about the asset than most bullish narratives ever will.
Context
First-stage analysis, in the institutional research workflow I designed for our Shanghai family office, is the raw data layer. It strips away market commentary, price action, and influencer noise. It extracts only verifiable elements: on-chain metrics, contract addresses, token distribution snapshots, team background checks, audit history, and the specific risk vectors that the protocol itself admits in its documentation. The deliverable is a structured JSON with fields like “info_points,” “core_views,” “involved_protocols.” If any of those fields come back null or with vague entries like “not provided,” the second-stage analysis—where the real intellectual work happens—cannot even start. It is like trying to run a backtest on a database with no timestamps.
In the current bear market, survival depends on ruthless filtering. The average reader in my Telegram daily brief holds assets across five protocols. They want to know which ones are bleeding liquidity, which ones have governance attacks brewing, and which ones have hidden code vulnerabilities that will surface when the next stress wave hits. They do not need optimistic price predictions. They need a checklist of concrete risks. A first-stage analysis that returns empty info points is, in itself, a massive risk signal. It means the research process is either lazy or compromised. I have seen both.
Core
Let me walk through what a proper first-stage analysis looks like, because the absence of it is the real story here. Based on my experience auditing ten small-cap tokens during the 2017 ICO era, I developed a checklist that has not changed since. It has seven items.
One: On-chain data extraction. Pull the top 100 holders of the token (or the governance token if there is one). Check for concentration risk. A protocol where the top ten wallets hold more than 60% of supply is not decentralized—it is a multi-sig dressed in marketing slogans. I do not proceed unless that number is below 40% for governance tokens and below 20% for stablecoin collateral tokens.
Two: Audit history. Do not count the number of audits. Read the vulnerability summaries. Count the number of “critical” and “high” severity issues that were fixed after the initial audit. A protocol that had zero critical issues on its first audit is either lying or has a codebase so trivial that it should not exist. A protocol that had five critical issues and fixed them all in one week has a healthy engineering culture. A protocol that still has “unconfirmed” issues is a pass.
Three: Team background verification. I use a public LinkedIn scraper with a custom filter. If the team lists generic “crypto native” backgrounds without specific prior tenure at a known fintech or blockchain company, I flag it. If the team is entirely pseudonymous but the protocol controls more than $50 million in TVL, I flag it. If the team has been involved in a previous project that ended in a hack or a rug pull—even if they claim they were not directly responsible—I red-list the protocol immediately. The 2022 Terra/Luna crash taught me that correlation is not causation, but repeated association with failure is a pattern worth avoiding.
Four: Token distribution schedule. Release schedules matter more than the total supply in a bear market. A protocol that unlocks 30% of its supply in the first six months after listing will face constant sell pressure. I calculate the “supply overhang” ratio—the percentage of total supply that will be unlocked in the next 12 months divided by the current circulating supply. Anything above 1.5 is a short bias. My experience designing yield strategies for our $20M AUM fund showed that protocols with supply overhang above 1.5 underperform the market by 22% on average over the subsequent six months.
Five: Gas and fee analysis. For DeFi protocols, I simulate a sequence of five common transactions—swap, add liquidity, remove liquidity, stake, unstake—using a forked node in a local testnet environment. I record the gas cost for each transaction at the current network gas price. Then I multiply by the average number of weekly interactions for a typical user. If the annual gas cost exceeds 10% of the initial capital, the yield is a trap. I learned this the hard way during DeFi Summer 2020, when my DAI/ETH liquidity pool on Uniswap V2 lost 30% of principal partly due to gas fee erosion that was invisible in the advertised APY.
Six: Dependency audit. No protocol exists in isolation. I map every external contract the protocol interacts with—oracles, bridges, staking contracts, L2 sequencers, even Ethereum mainnet if it uses L1 settlement. For each dependency, I check two things: (1) the total value locked in that dependency’s contracts, and (2) the number of major incidents (hacks, unplanned outages, governance attacks) that dependency has experienced in the last 12 months. If any dependency has suffered more than two incidents or controls more than $5 billion in value by itself, that dependency represents a systemic risk. The cross-chain bridge hack record—over $2.5 billion cumulatively—makes bridges the first dependency I check. If a DeFi protocol uses a bridge that has not been audited by at least two firms, I stop the analysis.
Seven: Protocol’s own risk disclosure. This is the most overlooked item. Every serious DeFi protocol has a “Risk” section in its documentation, often buried three clicks deep. I read it. If the protocol admits to maturity mismatch in its yield products, I note it. If it admits to dependency on a single oracle provider, I note it. If it admits that the token is purely governance with no value accrual mechanism, I note it. The quality of the risk disclosure is inversely correlated with the protocol’s likelihood of blowing up. A protocol that hides its risks is a protocol that has not thought about them.

Contrarian
Now here is the contrarian angle that most analysts miss: an empty first-stage analysis does not always mean the protocol is bad. It can mean the research team is bad. The majority of crypto research shops I have consulted for treat the first-stage extraction as a low-value clerical task. They either outsource it to junior interns with no on-chain experience, or they use automated tools that pull data from CoinGecko without verification. Both approaches produce garbage. The automated tools, in particular, often miss critical nuances—like token supply figures that exclude pre-mine or team allocations that are not yet reflected in circulating supply numbers. I have seen at least five cases where a protocol appeared to have a healthy supply distribution in automated screenshots but had 20% of the supply held by a single unreleased smart contract that was not labeled as a team wallet. That is not a data extraction error. It is a malicious design. And only a human with forensic skepticism catches it.
The more dangerous scenario is when the empty info point is deliberate. I have encountered three protocols over the past year where the first-stage analysis returned null for key fields because the protocol deliberately obscured the data. One protocol refused to provide a smart contract address for its governance token until after launch. Another protocol had a token distribution schedule hidden behind a private website that required an NDA to access. A third protocol claimed its audit was “ongoing” but never released the report even after six months. All three protocols have since suffered major incidents—a hack, a governance exploit, and a steep value decline, respectively. An empty info point is a canary in the coal mine. It should trigger immediate abandonment of the thesis, not a request for more data.
There is also a subtle trap in the meta-analysis itself. When a research team returns an empty first-stage analysis, the natural reaction is to blame the protocol for not providing data. But that instinct is dangerous. It shifts accountability away from the research process. A professional analyst working for a $20M fund cannot say “the protocol didn’t give me the info.” The professional analyst must say “I was unable to verify the core claims from publicly available sources, therefore the thesis is invalid.” The difference is a matter of discipline. The 2022 Terra/Luna collapse taught me that protocols will never volunteer the information that exposes their fragility. The burden is on the analyst to extract it from uncooperative surfaces. If the first pass fails, the analysis should end there. Pushing through to second-stage without the foundation is how you end up holding a token that drops 99% in a weekend.
Takeaway
An empty info point is not a problem to solve. It is a verdict. The verdict is: do not proceed. The next time your research dashboard shows zero info points for a project, do not request a re-run. Do not ask for a more detailed first pass. Delete the project from your watchlist. Then ask yourself why you were looking at it in the first place. The market will reward you for that discipline, not for the optimistic second-guessing that follows an incomplete data set. The only forward-looking thought I will leave you with is this: the next bear market bottom will be claimed by the protocols that survive a rigorous first-stage analysis. The rest will be empty info points in the history books.