Admin Keys are a form of centralized control in a crypto or DeFi project which allows the developers or founders to change the rules of their smart contract or blockchain. In effect, admin keys present serious counterparty risk which threatens the security of your digital assets.
You’re down at your local bank branch signing up for a new account and something in one of the forms catches your eye. You look at it more closely and are shocked by what you see. In the fine print, hidden amongst the terms and conditions, reads “The bank reserves the right to change your account balance at any time.”
You ask the teller to check if it means what you think it means. They confirm that it’s exactly what it sounds like – the bank can simply zero out your account if they ever feel like it. Would you sign up for that account? No way!
But guess what, that’s essentially how many crypto projects operate – with ‘god mode’ admin keys that can be used to invalidate your coins and change your account balance at any time.
As even no-coiners know, the crypto space is famous for crypto scams and rug-pulls, and the way these rug-pulls are often carried out is by developers using their admin keys to effectively steal from their users. So, if you’re researching a project and learn that the developers have admin keys, you should think very long and hard before investing in it. By the way, you might not be surprised to learn that almost all meme coins have admin keys. Do with that knowledge what you will.
So if a project doesn’t have admin keys, then you’re safe from being rugged, right?
If you’ve never heard of a DAO, it stands for Decentralized Autonomous Organization. The way most DAOs work is that holders of a particular ‘governance’ token have the right to vote on decisions that will affect the protocol – and because anyone can buy and hold the token, it’s ‘decentralized’. At least that’s the idea.
In reality, developers will often hold a huge majority of the DAO token, meaning they retain all the power to make decisions on everything from liquidity to the protocol’s APY and more.
Many well-known protocols advertise as having no admin keys, which is true for parts of their project, but conveniently neglect to mention that the developers still have a ton of control to shift the goalposts whenever they want. In essence, they’re not truly decentralized at all.
We’ve done some digging on the top DeFi yield protocols and whether they’re governed through a DAO or not.
Aave (Multichain) – Governance via DAO
Compound (Ethereum) – Governance via DAO
Curve (Multichain) – Governance via DAO
MakerDao (Ethereum) – Governance via DAO
Uniswap (Ethereum) – Governance via DAO
HEX (Soon to be multichain) – No admin keys, no governance (AKA true DeFi)
Liquid Loans (PulseChain) – No admin keys, no governance (AKA true DeFi)
The best way to ensure you have chosen a safe crypto project is to make sure it does not have any admin keys or governance via decentralized autonomous organization and that the code is immutable.
If you want to check whether a project has admin keys, a good place to start is by searching the code for the word “ownable”. If it’s there, then the project has admin keys and the protocol is not immutable. Another thing you can do is search the contract for the word “address”. If present, you can check to see if the address is hard-coded, and if it is, what that address is being used for – it could be the address of another contract, or it could be being used as an admin key.
It pays to note, though, that immutability is a double edged sword. If a bug is found in code that is not immutable, then developers can simply go in and fix the bug. But if the code is immutable (and therefore locked), there’s nothing that can be done – other than redeploying the protocol and telling all existing users to stop using the buggy version, a highly undesirable outcome.
Basically, immutable code has to be PERFECT, which is why Liquid Loans has spent a huge amount of time and effort making sure that our code is absolutely as robust as possible.
Centralized exchanges are risky because they have admin keys which gives them the ability to freeze, move, or steal your digital assets if they wanted to. Coinbase, Binance, and Kraken all have admin keys.
You’ve probably heard the phrase ‘Not your keys, not your coins’. If not, it’s fairly self-explanatory! When you keep your crypto on an exchange or give it to a centralized yield platform, you are quite literally giving up custody of your crypto. Does this mean you will definitely lose your money? Of course not, but the risk is always there, and crypto exchanges are hacked frequently.
Liquid Loans takes more of a purist approach to DeFi, with no admin keys, no governance and code that is completely immutable. This is why we often say Liquid Loans is ‘True DeFi’
Before deployment, Liquid Loans will be professionally third-party audited and the full report will be made publicly available.
Join The Leading Crypto ChannelJOIN
Disclaimer:Please note that nothing on this website constitutes financial advice. Whilst every effort has been made to ensure that the information provided on this website is accurate, individuals must not rely on this information to make a financial or investment decision. Before making any decision, we strongly recommend you consult a qualified professional who should take into account your specific investment objectives, financial situation and individual needs.
Connor is a US-based digital marketer and writer. He has a diverse military and academic background, but developed a passion over the years for blockchain and DeFi because of their potential to provide censorship resistance and financial freedom. Connor is dedicated to educating and inspiring others in the space, and is an active member and investor in the Ethereum, Hex, and PulseChain communities.