Human Authenticity Scoring

Detect bots. Protect
your server.

Gait watches behavioral patterns — never message content — to score whether an account is operated by a real human or an automated system. Built for server admins who want signal, not noise.

Add Gait to Discord Free · No account required · 2-step setup

How it works

Four dimensions.
One score.

Gait computes a trust score between 0 and 1 from four behavioral dimensions. A minimum of 50 observed events is required before any account is scored.

Temporal 35% weight

How regular and mechanical is the timing of this account's activity? Bots operate on clocks; humans don't.

  • Burst regularity — variance in message cluster timing
  • Reply latency CV — coefficient of variation in response time
  • Typing ratio CV — consistency of typing duration vs message length
Content 25% weight

Do message lengths and edit patterns show human variance? Automated accounts often produce suspiciously uniform output.

  • Message length CV — variation in character count over time
  • Edit rate — ratio of edits to original messages sent
Lifecycle 25% weight

Account history and identity signals. New accounts with randomised names and no avatars score lower.

  • Account age — days since Discord account creation
  • Username entropy — Shannon entropy of the username string
  • Avatar presence — whether a custom avatar is set
Social Phase 2

Cross-server coordination and interaction graph analysis. Reserved for Phase 2 — currently neutral at 0.5.

  • Cross-server presence patterns
  • Interaction network clustering
  • Coordinated join velocity

Classification thresholds

0.00 0.25 0.45 0.65 0.85 1.00
0.00 – 0.24
Confirmed
Automated
0.25 – 0.44
Likely
Automated
0.45 – 0.64
Uncertain
0.65 – 0.84
Likely
Human
0.85 – 1.00
Confirmed
Human

Default alert threshold: 0.45 — adjustable per server with /gait settings

Permissions

What Gait
asks for and why.

Three of these are Discord Privileged Gateway Intents — you'll see them labelled in the authorisation flow. Here's exactly what each one enables.

Permission Why we need it What it does NOT grant
Server Membersprivileged Receive join and leave events to track account age at join, join velocity, and membership patterns across your server. Access to member DMs, bans, roles, or any profile data beyond what is publicly visible.
Message Contentprivileged Measure message length and edit timing. We record the length of a message in characters and whether it was edited — never the text itself. Message text, attachments, links, or any semantic content. The content field is discarded immediately after length is measured.
Presenceprivileged Observe activity state transitions (online → idle → offline) to detect unnaturally stable or clockwork presence patterns. Rich presence data, game activity, Spotify status, or custom status text.
Send Messages Post alert embeds to the channel you configure with /gait setchannel. Access to any channel that is not the configured alert channel.
Embed Links Render rich alert cards with score breakdowns and action buttons. Ability to post in channels not already granted by Send Messages.
View Channels Observe message and reaction events across channels that are visible to the bot role. Access to private or restricted channels unless explicitly granted by your server's role configuration.

Data transparency

Exactly what gets
sent to our API.

Gait never transmits message content, raw user IDs, or any personally identifiable information. All identifiers are anonymised before leaving your server.

Collected
  • Anonymised user identifier (GIID) HMAC-SHA-256 hash of your guild ID + Discord user ID. Irreversible. Raw IDs never leave your server.
  • Event type e.g. message_create, guild_join, reaction_add — no content, just the event kind.
  • Message length Character count only. The message text itself is discarded immediately.
  • Edit flag + edit latency Whether a message was edited, and how many seconds after posting.
  • Reply latency Seconds between a message being sent and a reply being posted.
  • Account age at join Age of the Discord account in days at the time they joined your server.
  • Avatar presence Boolean: does this account have a custom avatar set?
  • Username entropy Shannon entropy score of the username string — a measure of how randomised it appears.
Never collected
  • Message content The text of any message. Ever. Length is measured then the string is discarded.
  • Raw Discord user IDs Snowflake IDs are hashed with HMAC-SHA-256 before transmission. The raw ID never reaches our API.
  • Direct messages The bot only observes events in servers it has been invited to.
  • Voice audio We record voice state changes (joined / left) but never audio data.
  • Usernames or display names The username string is used only to compute entropy. The string itself is not stored.
  • Email addresses or linked accounts We have no access to Discord account settings or OAuth data.
  • IP addresses We receive no network-level data about your members.
// Anonymisation pipeline
Discord user_id: "12345…"
Bot (local) HMAC-SHA-256(user_id, guild_salt)
Bot (local) HMAC-SHA-256(hash, gait_salt)
API GIID: "a3f8c2…"

The guild-specific salt is unique to your server and never shared. The two-stage hash means Gait cannot reverse-map a GIID to a Discord user, and your guild cannot reconstruct GIIDs without Gait's internal salt.

Setup

Two steps.
Five minutes.

No account, no dashboard, no API keys to manage. Everything is configured from inside Discord.

1

Invite the bot

Click the button below and authorise Gait for your server. The bot will appear in your member list and begin observing events immediately. No configuration needed to start collecting data.

→ Add to Discord
2

Set your alert channel

Run one slash command in the channel where you want to receive alerts. Gait will post a test message to confirm it's working.

/gait setchannel #your-channel

Optional — fine-tune per server

/gait settings threshold:0.35

Lower the alert threshold for stricter detection. Default is 0.45.

/gait mode auto

Automatically kick confirmed bots instead of alerting only.

/gait status @user

Check the current trust score for any member on demand.

/gait whitelist @user

Mark a known-human account, overriding the score permanently.

Ready

Add Gait
to your server

Free. Open source. No account required.

Add to Discord