Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Running a protocol multisig with weak governance is like running a high leverage trade with immediate liquidation risk. Only difference is it's other people's money on the line
Ten Solana DeFi red flags sitting in plain sight on chain
- Multi purpose governance keys. Same key approving multisig actions is also trading memecoins, farming airdrops, flipping NFTs, swapping on DEXs. Every dapp it touches is another place that signing power can get phished
- Single signer multisigs. No multisig at all, or one with multiple signers but threshold set to 1. Looks distributed, single point of failure in reality
- No role separation. Squads V4 splits permissions into proposer, voter and executor. Most protocols give every signer all three, so one key can propose and execute in a single action. Squads docs warn against this
- Below recommended threshold. Squads suggest 4 of 6 or higher. Most protocols don't hit this
- No timelocks. Only around 1 in 5 protocols use them. It's three steps in the multisig settings. Zero reaction window when something goes wrong
- Concentrated timezone activity. Bunching sensitive changes into the same window makes the operating schedule predictable. Attackers can see when no one's watching
- Weak mint authority multisigs. Often less scrutinised than upgrade or treasury multisigs. Lower thresholds, no timelocks, sometimes separate signer sets. Soft entry point. Get enough keys to meet that threshold and you can mint unlimited supply of whatever token that authority controls
- Active external config authority. Bypasses the multisig entirely. Can change threshold, members, and timelock without a single vote. Squads default is the multisig controlling itself
- Blast radius internal. Several programs under one umbrella are controlled by a single multisig. Or split program multisigs share the same signers. Defeats the point of splitting in the first place
- Blast radius external. Even if one protocol's governance is tight, it's wired into others that aren't. Aggregators, vaults, lending markets, oracles, stablecoins. One failure becomes everyone's problem