Understanding Your Audit Results

Output files

What you get

Your audit downloads as a ZIP file containing multiple output files. Each file is designed for a different purpose and audience. You do not need all of them — most users only need the Excel report and review CSV.

Workflow

Where to start

Most people should follow this order:

1. Open review.csv first

   This file contains only the transactions that need attention, sorted by risk level. Start with the HIGH risk rows. Each row tells you the transaction hash, what TrueBasis classified it as, and why it was flagged.

2. Check mismatch_report.csv if you uploaded a tax software export

   If you provided a CoinTracker, Koinly, or TokenTax CSV, this file shows every structural contradiction between what your tax software recorded and what TrueBasis found on-chain. STRUCTURAL_CONTRADICTION rows are the highest priority — these are cases where the transaction type is wrong, not just the label.

3. Open the Excel report for the full picture

   The Excel file contains everything. The main transactions tab is your complete classified history. The Gas Summary tab shows total fees paid by chain. The Open Positions tab flags any DeFi lending or vault positions that were opened but not closed within the audit period.

4. Share the ZIP with your CPA

   The entire ZIP is the audit package. Your CPA should focus on review.csv, mismatch_report.csv, and the Excel report. The audit_pack.md provides narrative context. The PDF summary is suitable for client-facing communication.

Risk signals

Risk levels explained

Every transaction receives a risk level based on structural signals — classification confidence, protocol risk, MEV detection, token contract age, and mismatch indicators. Risk level does not mean the transaction is illegal or wrong. It means it warrants attention.

What generates a HIGH risk flag

The most common HIGH risk triggers are:

STRUCTURAL_CONTRADICTION — Your vendor export labeled the transaction one way; on-chain evidence supports a different structural type (for example, an exchange of one token for another via a DEX router when the vendor recorded a simple transfer). These are the most actionable flags in the mismatch report.

Protocol risk match — The contract you interacted with appears in TrueBasis's protocol risk registry as OFAC-sanctioned, exploited, or deprecated. This does not mean your transaction was illegal — many protocol exploits affect users who had nothing to do with the attack — but it requires documentation.

Unverified airdrop — An AIRDROP_RECEIVED transaction where the token contract is unverified on Etherscan or was created very recently. This is a common pattern for dust attacks and spam tokens.

Unclassified transaction with value — TrueBasis could not determine what this transaction was, and it involved a non-trivial amount. Manual investigation is required.

Classification quality

Confidence scores

Every classification carries a confidence level that reflects how certain TrueBasis is about the structural determination. Confidence is based on the quality and quantity of on-chain evidence — method selectors, log events, transfer patterns, contract verification.

Triage file

Reading review.csv

review.csv is sorted by risk level (HIGH first) and contains only transactions that need attention. The columns you need to understand:

tx_hash

The unique transaction identifier on the blockchain. Paste this into the relevant chain's block explorer (Etherscan for Ethereum, Arbiscan for Arbitrum, etc.) to see the raw transaction and independently verify TrueBasis's classification.

class_id

What TrueBasis determined this transaction to be. See the glossary for a plain-English definition of every class ID and CPA review notes for structural context.

risk_level and risk_reasons

Why this transaction was flagged. Risk reasons are machine-readable codes that tell you specifically what triggered the flag — LOW_CONFIDENCE, STRUCTURAL_MISMATCH, PROTOCOL_RISK, UNVERIFIED_CONTRACT, etc.

evidence

The on-chain data TrueBasis used to make its determination — method selector, protocol name, contract verification status, bridge pair transaction hash, MEV bot address, and so on. This is the audit trail that supports each classification.

Second opinion

Reading mismatch_report.csv

The mismatch report is only generated when you upload a tax software export CSV. It compares TrueBasis's structural classification against what CoinTracker, Koinly, or your other tool recorded — and flags every contradiction.

our_class vs vendor_cat

our_class is TrueBasis's structural determination based on on-chain evidence. vendor_cat is whatever your tax software called the transaction. When these differ, TrueBasis records the mismatch type.

Mismatch types

STRUCTURAL_CONTRADICTION — The most serious mismatch. TrueBasis determined the transaction is structurally a different type than what your vendor tool recorded. Example: your export labeled a Transfer, but on-chain evidence shows an exchange of one token for another via a DEX router. Tax treatment depends on your CPA's determination; this flag is a structural signal, not a tax determination.

MISSING_IN_VENDOR — TrueBasis found an on-chain transaction that does not appear in your tax software export at all. Common with airdrops, certain DeFi interactions, or multi-chain activity your tool did not cover.

LOW_CONFIDENCE_MATCH — Both tools found a transaction but TrueBasis's confidence in its classification is low. The vendor may be right — manual review is needed.

CPA workflow

Guidance for CPAs

TrueBasis is a structural verification tool, not tax software. It does not calculate gains, losses, or cost basis. Here is how to use it effectively alongside your existing workflow.

What TrueBasis gives you

A deterministic, evidence-based structural classification of every on-chain transaction — independent of any tax software. Each classification is supported by on-chain evidence you can independently verify with a block explorer. The engine version is locked per job, so the same input always produces the same output.

Recommended workflow

1. Export your client's transaction history from their tax software

   CoinTracker, Koinly, and TokenTax exports are all supported. Upload the CSV alongside the wallet address when running the audit.

2. Review mismatch_report.csv for STRUCTURAL_CONTRADICTION rows

   Sort by risk_level DESC. Each contradiction is a potential category mismatch in the vendor export. Verify the on-chain evidence against the vendor category. Determine which is structurally correct; tax treatment is your determination.

3. Check the Open Positions tab in the Excel report

   Any lending or vault position opened but not closed during the audit period appears here. Your CPA should review open positions for completeness and follow-on activity outside the audit window.

4. Review protocol risk flags

   The Protocol Risk tab in the Excel report lists interactions with OFAC-sanctioned or exploited protocols. Document these carefully for the file; your CPA should assess relevance.

5. Use review.csv as your sign-off checklist

   Every item in review.csv should have a disposition note before you sign off. TrueBasis gives you the structural evidence — classification for reporting is yours to determine.

FAQ

Common questions

Why does TrueBasis classify a transaction differently than my vendor export?

Third-party tools often classify transactions from exchange data, user-submitted labels, or simple heuristics. TrueBasis reads the raw on-chain state — method selectors, event logs, transfer patterns — and applies deterministic structural rules. Neither approach is infallible. TrueBasis is a structural second opinion, not a final determination of how anything should be recorded.

What does "engine version" mean?

TrueBasis locks the classification engine version for every job. The version is recorded in engine_version.json and in the Excel Disclaimer & Key tab. This means you can always reproduce the exact same classification results by re-running the audit with the same inputs and the same engine version.

My transaction is classified as UNCLASSIFIED. What do I do?

UNCLASSIFIED means TrueBasis could not match the transaction to a known pattern. Look up the transaction hash on the relevant block explorer, identify the contract and function called, and determine manually what the transaction did. If it involves a significant amount, have a CPA review the structural facts before you rely on it for any reporting.

I transferred between my own wallets. Why is it flagged?

Without an owned_addresses.json file, TrueBasis cannot confirm that the destination address belongs to you. It will classify the transaction as SELF_TRANSFER_CANDIDATE (medium confidence) rather than SELF_TRANSFER_CONFIRMED (high confidence). On your next audit, provide a JSON file listing all your wallet addresses to resolve this automatically.

What is the difference between a BRIDGE_TRANSFER and a BRIDGE_TRANSFER_CONFIRMED?

BRIDGE_TRANSFER means the destination address matched a known bridge contract — but TrueBasis only saw one side of the bridge. BRIDGE_TRANSFER_CONFIRMED means TrueBasis found the matching transaction on the destination chain — same recipient, same token, same amount, within 24 hours. Confirmed bridge pairs have risk_level NONE.

Can I re-run an audit and compare results?

Yes. TrueBasis's audit diff engine automatically compares your current audit against a previous audit for the same wallet. The audit_diff.json file and the Audit Diff tab in the Excel report show new transactions, removed transactions, reclassifications, and risk level changes since your last run.

Does TrueBasis store my wallet data?

Your audit ZIP is held for one hour after completion and then permanently deleted. Wallet addresses and transaction data are not stored beyond your audit session. See the Privacy Policy for full details.