Admin key policies and multisig composition are not surfaced at the point of deposit.
Pillar: Safety
The problem
The governance structure of a protocol — who holds the admin keys, what time-lock (if any) applies, how many signers are required, and the history of how those keys have been used — is not presented to users at the moment of deposit.
A user has no way to evaluate whether ‘the team controls a 3-of-5 multisig with no time-lock’ before committing capital, except by reading documentation they are rarely shown.
Why it matters
- Safety: I cannot assess protocol risk without external research.
- Agency: I cannot give informed consent to a governance structure I cannot see.
What exists today
DeFiSafety, L2Beat, and similar risk-scoring projects provide this information, but it is not integrated into protocol UIs or wallets at the point of decision.
The gap
No standard for surfacing governance parameters at the point of deposit.
Open questions
- What’s the minimum governance disclosure a protocol should be required to surface?
- Can this be encoded as a machine-readable metadata standard?
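
One possible shape for the machine-readable encoding asked about above, as an added sketch that is not part of any existing standard or project: a wallet validates a published disclosure record and renders a one-line summary before the user signs a deposit. Every field name, warning label and the sample record are assumptions made for this illustration; it covers key-holder type, signer threshold and time-lock only, not key-usage history.

```javascript
// Constructed sample record. The schema is hypothetical: field names are
// assumptions for this sketch, not taken from any published standard.
const SAMPLE_DISCLOSURE = {
  protocol: "ExampleVault",
  adminControl: {
    type: "multisig",      // assumed enum: "multisig" | "eoa" | "none"
    threshold: 3,          // signatures required
    signers: 5,            // total key holders
    timelockSeconds: 0,    // delay between approval and execution
  },
};

// Returns { valid, summary, warnings } for display at the deposit prompt.
// A missing or malformed record is reported as such, never treated as safe.
function assessDisclosure(d) {
  const a = d && d.adminControl;
  if (!a || typeof a !== "object") {
    return { valid: false, summary: "governance not disclosed", warnings: ["undisclosed"] };
  }
  if (a.type === "none") {
    return { valid: true, summary: "no admin keys", warnings: [] };
  }
  const isCount = (n) => Number.isInteger(n) && n >= 1;
  const malformed =
    !["multisig", "eoa"].includes(a.type) ||
    !Number.isInteger(a.timelockSeconds) || a.timelockSeconds < 0 ||
    (a.type === "multisig" &&
      (!isCount(a.threshold) || !isCount(a.signers) || a.threshold > a.signers));
  if (malformed) {
    return { valid: false, summary: "governance disclosure malformed", warnings: ["malformed"] };
  }
  const warnings = [];
  // State facts only; how much risk they carry is left to the user or a policy layer.
  if (a.timelockSeconds === 0) warnings.push("no-timelock");
  if (a.type === "eoa" || a.threshold === 1) warnings.push("single-key-control");
  const who = a.type === "eoa"
    ? "single admin key"
    : `${a.threshold}-of-${a.signers} multisig`;
  const delay = a.timelockSeconds === 0
    ? "no time-lock"
    : `${a.timelockSeconds}s time-lock`;
  return { valid: true, summary: `${who}, ${delay}`, warnings };
}
```

A record like this is self-reported by the protocol, so a wallet would still need to check it against on-chain state before relying on it.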