I went through the GitHub pages and audit reports of several projects and found something—many beginners simply don’t know how to assess “trustworthiness.” They just see the auditor’s name and assume it’s solid.



To be honest, I’m not a technical expert either, but after looking at this for a long time, I picked up some tricks. GitHub activity is actually pretty important. It’s not just about the number of stars—you should also look at commit frequency, whether issues get replies, and whether the code is newly written templates or something old. For audit reports, don’t just look at the conclusion either. You need to dig into the “limitations” section and see what they admit they didn’t test—some projects specifically pick vulnerabilities outside the audit scope and play edge-case games.

For multisig upgrades—the simplest thing—check the number of signers and the distribution of addresses. If it’s all the same group of people, then it’s not much different from a single-sig.

As for the modular stuff everyone’s been hyping lately, on-chain capital flows still look pretty much the same. Users don’t really care what the DA layer is; as long as Gas hasn’t gone down and the experience hasn’t changed. In plain terms, the hype is in the narrative, not in on-chain data. That’s it for now.
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned