By: Eva Baxter
In just four days since its launch, Web3 protocol Blast network has accrued an impressive $400 million in total locked value (TVL). However, the network's rapid success has not come without controversy, with claims that its multisignature upgrade functionality makes it too centralized.
Jarrod Watts, a developer relations engineer at Polygon Labs, has voiced concerns about potential security risks due to Blast's alleged centralization. He stated that if an attacker gains control of three out of five of the team members' keys, they could steal all of the crypto deposited into Blast's contracts.
Watts also challenged Blast's claim of being a layer-2 solution. According to him, Blast merely accepts and stakes users' funds into other protocols without utilizing a bridge or testnet for transactions. He also noted that the network currently lacks a withdrawal function, leaving users reliant on the developers implementing this feature in the future.
Despite the raised concerns, Blast insists its protocol is as secure as other layer-2 solutions, arguing that security exists on a spectrum with many nuances. The Blast team maintains that their contracts are upgradeable precisely for the purpose of managing risk and exposing potential bugs. They revealed that the keys for the Safe account are kept in geographically separated cold storage and managed by an independent party, ensuring a high degree of protection for user funds.