Welcome to DeFi Watch
Disclaimer
DeFi Values
Why do we need DeFi Watch?
The DeFi North Star (updated 9 Mar)
Admin Key OpSec Risk
What is admin key risk?
Project Reviews
Aave
bZx
Compound
DDEX
Dharma
dYdX
iearn.finance
InstaDapp
MakerDAO
Nexus Mutual
Nuo
PoolTogether
Synthetix
Token Sets
Uniswap
Oracle Risk
Coming Soon
Additional Resources
Recommended Reading
DeFi Score
More on Chris Blec
Chris Blec on YouTube
Chris Blec on Twitter
Powered by GitBook

Compound

Compound's protocol is upgradeable via a single admin key with a 2-day timelock. Compound claims to use an "offline multi-party process" for key security.

Update: Feb 26, 2020 Compound has announced the development of a token-based governance system which would aim to eliminate the need for the admin key described here. Transition date is still TBD.

Is the security of user funds dependent on opsec of admin key?

Yes ⚠️

Current Admin Key Config

Timelock: 2 days Multisig: None

Claimed Admin Key OpSec

"Offline multi-party process"

Verified Admin Key OpSec

Unverifiable ⚠️

Admin Key Address

https://etherscan.io/address/0x6d903f6003cca6255d85cca4d3b5e5146dc33925

More Info & Documentation

Open Zeppelin Audit Summary Compound Blog Post on Governance Compound Timelock Interface

Previous
bZx
Next
DDEX
Last updated 3 months ago
Edit on GitHub
Contents
Is the security of user funds dependent on opsec of admin key?
Current Admin Key Config
Claimed Admin Key OpSec
Verified Admin Key OpSec
Admin Key Address
More Info & Documentation