Nuo

Nuo's smart contracts are protected by a single admin key that has no timelock and no multisig protection. The admin key is capable of making changes to critical parts of the smart contract ecosystem and could endanger user funds if used maliciously.

Is the security of user funds dependent on opsec of admin key?

Yes ⚠️

Current Admin Key Config

Timelock: None ⚠️ Multisig: None

Claimed Admin Key OpSec

None

Verified Admin Key OpSec

The past, present & future security of the 1 admin key is unverifiable. ⚠️

Admin Key Address

https://etherscan.io/address/0x3e990e787a88cd4426fb3af9b90dd1d951e2cb87

Response from Developer

We don't have full power when it comes to upgradeability. However, if the admin key is compromised and is used maliciously, yes, the users fund would be at risks because as explained in our previous chats, the admin key has ability to allow permissions for new versions of loans and trade contracts to access reserve funds.

More Info & Documentation

No documentation available ⚠️