Welcome to DeFi Watch
Disclaimer
DeFi Values
Why do we need DeFi Watch?
The DeFi North Star (updated 9 Mar)
Admin Key OpSec Risk
What is admin key risk?
Project Reviews
Aave
bZx
Compound
DDEX
Dharma
dYdX
iearn.finance
InstaDapp
MakerDAO
Nexus Mutual
Nuo
PoolTogether
Synthetix
Token Sets
Uniswap
Oracle Risk
Coming Soon
Additional Resources
Recommended Reading
DeFi Score
More on Chris Blec
Chris Blec on YouTube
Chris Blec on Twitter
Powered by GitBook

Aave

Aave's protocol is 100% upgradeable via an admin key that is owned by an Aragon DAO. The DAO has 5 members and can approve admin key transactions with 3 "Yes" votes on a proposal. The key is capable of making sweeping changes to the protocol.

Is the security of user funds dependent on opsec of admin key?

Yes ⚠️

Current Admin Key Config

Timelock: None ⚠️ Multisig: 3-of-5 (via Aragon DAO)

Claimed Admin Key OpSec

"DAO voting keys in cold storage"

Verified Admin Key OpSec

Unverifiable ⚠️

Admin Key Address

(This is Aave's Aragon DAO contract.) https://etherscan.io/address/0xcd8393b5b0ec5ab8dad4e648f709be6bac11874d

More Info & Documentation

Open Zeppelin Audit Summary Aave Security Report

Admin Key OpSec Risk - Previous
Project Reviews
Next
bZx
Last updated 4 months ago
Edit on GitHub
Contents
Is the security of user funds dependent on opsec of admin key?
Current Admin Key Config
Claimed Admin Key OpSec
Verified Admin Key OpSec
Admin Key Address
More Info & Documentation