To be honest, the number of stars on GitHub doesn’t really mean much. I’ve seen a bunch of v2 audit reports written really beautifully, but the multisig upgrades are controlled by just two or three people. What you really need to look at is whether there’s a third-party audit, whether there’s a timelock, and whether changing multisig parameters requires everyone to vote and approve. During that stretch when hardware wallets were out of stock, phishing links came one after another—so I actually feel like at a time like this, security awareness matters even more than buying a new wallet. The habit of saving screenshots is like a meme—click “done” and move on—but it’s still better than actually having everything crash for real. Those “critical” and “medium” vulnerabilities in audit reports are mostly the usual, well-known playbook. Even if you don’t read it in a formal way, you can still tell what’s going on with a bit of common sense—don’t treat it like scripture. Anyway, for beginners, just keep an eye on the multisig members and the upgrade permissions, and don’t let the project team quietly modify the contract under the banner of “audit passed.”

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pinned