HomeDeFiDeFi and admin keys: an unsolved problem

DeFi and admin keys: an unsolved problem

The latest events in the DeFi sector involving Fulcrum have highlighted the problems related to the management of platform keys held by the administrators.

When talking about decentralized finance (DeFi) there is a tendency to apply high levels of trust derived from the narrative linked to the Ethereum blockchain, its resilience and immutability. 

In reality, when it comes to DeFi platforms, there are increased risks: one of them is linked to the private keys held by the platform administrators, who have the ability to modify the rules of the contract in an arbitrary manner.

With over $1 billion of total value locked within these contracts – which recently fell below this value due to an unexpected problem – DeFi has begun to capture the imagination of the world. 

The dream of an open financial system that is resistant to censorship, without the need to trust the middleman and with an open-source nature, seems closer than ever before.

This has attracted capital and innovative development teams to create new platforms capable of dominating this new market. 

However, it is very difficult to achieve the goal of disintermediation without making compromises, like the ones faced by Compound & co.

As these platforms mature, it will be up to the community to make sure they continue to move towards their ultimate goal. Unless goals and expectations for DeFi projects are set now, then they might never reach their full potential.

Many DeFi protocols and products that are able to accept deposits are protected by an “administration key”. This key is typically an Ethereum smart contract that can update the protocol or product in many ways.

Most administration keys are securely secured by features like Timelock and Multisig

No DeFi project can prove that the operational security of their administration key is strong, simply because declaring it would make it less so.

This means that the only way users can really feel safe while using these DeFi products today is to rely on the expertise of the team and their ability to protect administration keys.

How does Timelock work in DeFi

Every relationship with the deposited tokens and those provided by DeFi platforms is governed by a smart contract.

It is possible to set by code, and therefore in a verifiable way a priori, a fixed delay time in the application of any change to the reference smart contract. The time will be marked by the number of blocks that must elapse between the modification of the contract and its actual activation. Once set, no one can reduce the waiting time.

This system allows for a reaction time within which, in the event of an unexpected change that is not agreed upon or malicious, it is possible to unlock the funds and secure them.

This is what some actors in the ecosystem provide.

Platform and private key management:

  • MakerDao, Decentralized governance;
  • Instadapp, no admin key or ability to modify;
  • Uniswap, no admin key or ability to modify;
  • Compound2 days timelock;
  • TokenSets, No timelock;
  • Aave, No timelock (Dao security model Aragon coming soon);
  • dYdX, days timelock;
  • PoolTogether, No timelock;
  • Dharma, 7 days timelock;
  • Ddex, 3 days timelock;
  • Synthetix, info not available;
  • Nuo, info not available.

Wallet Multisig in the DeFi world

Each time the contract is changed, an Ethereum wallet is accessed that allows signing transactions and changing the records in the blockchain. To do this, one security solution that allows a greater distribution of power is to use a Multisig.

Several private keys are distributed to founders or trustees and a minimum number of them together allows access to the contract.

It is worth remembering that, regardless of what is declared by the teams, the function of Multisig also requires trust. No one can control who the keys are distributed to and whether they are not in the possession of a single person, thus increasing the risks.

Platform Multisig key Systems:

  • MakerDao, Decentralized governance;
  • Instadapp, no admin key or ability to modify;
  • Uniswap, no admin key or ability to modify;
  • Compound, No Multisig;
  • TokenSets2, keys out of 3;
  • Aave, 3 keys out of 5 Dao security model Aragon;
  • dYdX, 2 keys out of 3 ;
  • PoolTogether, 2 keys out of N – Gnosis system;
  • Dharma, 3 keys out of 5;
  • Ddex, 2 keys out of 3;
  • Synthetix, info not available;
  • Nuo, info not available.

The success of DeFi relies also on the community

In such a pioneering phase, the success of this ecosystem relies on the seeds that are planted in the early days. There are already centralized exchanges flooding the news with hacks, stolen money and scams

DeFi must differentiate themselves for their security and disintermediation, otherwise, in the long run, they will never be able to establish themselves outside this small user base.

The users’ demand for a transparent and auditable system is fundamental. Safe practices and risk mitigation must be fundamental practices on the part of those who ask the community for capital during the activation of developed contracts.

It is up to the community to demand solid foundations on which to build the finance of the future.


Lorenzo Dalvit
Lorenzo Dalvit
Blockchain enthusiast tutor, expert in sales and marketing, social community manager, artistic director, musician, lover of disruptive paradigms and life. All my skill are about human interaction and connection