Recently, I’ve been looking at the project “Trustworthy or Not,” and I’m actually less interested in those one-sentence verdicts people post in the group chat. A GitHub update doesn’t automatically mean it’s safe, but at least it can tell you whether the team is still actively working: commit/submission frequency, whether they’re only tweaking copy, and whether there are any public discussion traces around the key contracts. Also, don’t just stare at an audit report’s “passed”; I’ll read the parts about how they handle high-risk issues: do they actually change the code, or do they just tack on some “known risks, proceed at your own risk”… because that difference is huge.



And when it comes to upgrading via multi-sig, things like who’s allowed to sign, what the threshold even is (how high/“how many clicks it takes”), and whether there’s a timelock (the kind that buys you reaction time) are a lot more real and useful than those “decentralization” slogans. Lately, whenever there are big transfers on-chain or the exchange’s hot and cold wallets move, people call it “smart money.” I’ll look, sure—but honestly, it’s more like a weather forecast than risk control.

Quick reminder to myself: I treat “simplicity” like a trap. The more a project seems like “just go for it—you’ll be safe and it’s steady,” the more I need to flip through a couple more pages.