Nuo's smart contracts are protected by a single admin key that has no timelock and no multisig protection. The admin key is capable of making changes to critical parts of the smart contract ecosystem and could endanger user funds if used maliciously.
Yes ⚠️
Timelock: None ⚠️ Multisig: None
None
The past, present & future security of the 1 admin key is unverifiable. ⚠️
https://etherscan.io/address/0x3e990e787a88cd4426fb3af9b90dd1d951e2cb87
We don't have full power when it comes to upgradeability. However, if the admin key is compromised and is used maliciously, yes, the users fund would be at risks because as explained in our previous chats, the admin key has ability to allow permissions for new versions of loans and trade contracts to access reserve funds.
No documentation available ⚠️