I'm now checking whether a project is "reliable or not," and I'm actually paying less attention to how they boast verbally. First, I go check GitHub and audit reports... But honestly, it's easy for beginners to be misled. An update on GitHub doesn't necessarily mean a useful update; sometimes they just change a README and act very diligent. Don't just look at the cover logo of the audit report; scan for whether issues are marked as "fixed/accepted risk/next time," because those reports with a bunch of medium-high risk issues ending with "team promises future optimization" make me put my hands back and have a coffee.



The multi-signature upgrade part is even more critical, basically about "whether rules can be changed in the future." I look at how many people are involved in multi-sig, the threshold for signatures, whether signers are decentralized, and ideally if there's a timelock to give everyone reaction time. Otherwise, upgrading with one signature in the middle of the night means you might not even have time to run. Recently, someone was complaining about on-chain data tools, tagging systems being laggy and easily misleading. I no longer trust those "security tags" much; at most, I treat them as hints. If you're really going to act, better double-check the on-chain data and permissions yourself... I say I won't chase after high prices, but when I see the floor start to shake, I get nervous again. Sigh, just leave it at that for now.
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned