Honestly, when I first entered the space, if the project team posted an audit report, I’d think it was solid. And seeing a bunch of stars on GitHub also made it feel pretty impressive. But now, I mostly go and dig through who exactly the upgraded multisig Owner address belongs to, and whether changing parameters needs to wait 7-day timelock—because, at least in my view, no matter how beautifully the code is written, if you can get hold of a single private key in the multisig wallet, then you can change things whenever you want. Especially recently, with everyone talking about rate-cut expectations and risk assets moving together—up and down—I feel even more that market sentiment is one thing, but whether the contract behind it is truly transparent is the real prerequisite for survival. I don’t believe slogans like “open source equals secure” anymore; at least I need to take a look to see whether there’s a backdoor. Anyway, I’ve gotten used to being a lone wolf and checking things myself.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned