When investing in a project, the security of the protocol is paramount, otherwise you will end up investing in scam projects. Crypto scams went from $907 million in 2021 to a staggering $2.57 billion in 2022. If you want to avoid such scams you need to be alert. In this article, we discuss how to do proper due diligence in the security of a protocol before investing in it.
6 Questions to Ask Yourself When Doing Due Diligence in a Project
These questions will not only help you in investing in long term projects, but also in sniping in and out from new project launches. These have been proven to be the holy grail of avoiding scams. Let’s dive in.
1. Is the team anonymous?
This question is usually important because a project team that is anonymous (anon) raises eyebrows. Investors wonder if the team is trying to hide something or escape responsibility and accountability.
However, as with everything in crypto, remaining pseudonymous requires effort. The space is filled with smart and tech savvy investors. An anonymous developer can create security risks. Without knowing who is responsible for the codebase or project development, it becomes difficult to ensure that proper security practices are followed.
Some have argued that Some of the most trusted contracts in all of DeFi were written by Anons. Examples include Sushiswap, GMX, and Convex. While this is a valid point, if the Sushi founder decides to chuck users’ funds, no one would know where to get him.
2. Is there Twitter activity?
Good projects post regularly on Twitter. This can range from several times a week to several times bi-weekly. A project that goes a whole month without posting any project updates or just anything is usually suspect.
Their most recent tweet should not be a long while ago – preferably should be in the current month. The posts can be about anything really, but usually you want to see news and industry updates, real-time feedback and insights, marketing and promotion, networking and partnerships, and brand building and awareness.
3. Is the contract(s) audited?
An audited contract provides valuable assurances, it does not guarantee a project’s success or eliminate all risks. However, combined with all the other factors explored in this article, it creates an almost scam-proof and risk-averse investment strategy.
Audits primarily focus on code security and quality, and other aspects of a project, such as the team’s competence, business model, or market dynamics, should also be evaluated.
The audits ensure investor protection, regulatory compliance, security and code quality, and trust and confidence in the project. There are many projects in the space that offer audit services, but the best by far is Certik.
4. Is the contract ownership renounced?
While there may be cases where maintaining some level of ownership or control is necessary or desirable, renouncing contract ownership can be a positive practice. It enhances the project’s trust and credibility, contributes to the long-term sustainability of a project, and greatly reduces the risk of exit scams.
Without ownership control, the developers cannot easily manipulate or misuse the contract to deceive or defraud participants. Additionally, with the contract renounced, the community gains more influence and control over the project’s development and decision-making processes.
And finally, renouncing contract ownership aligns with the principles of decentralization and trustlessness that are fundamental to many blockchain projects.
5. Is the treasury wallet secured with multisig?
The multisig security mechanism is used in cryptocurrency wallets and transactions to enhance security and protect against unauthorized access or fraudulent activities. involves multiple parties jointly authorizing and validating transactions, adding an extra layer of protection.
You want the multisig parties to be people who cannot be easily swayed or bought into cooperating with fraudulent practices. Most projects go for reputable industry leaders who will accept the role.
You do not want a multisig group that you know nothing about. Famous and vocal crypto industry leaders are accountable to the people and will not do anything to jeopardize their stance.
6. Is there a whitepaper?
This is an important piece of document and very key in the due diligence process. The documents contain critical information issued by the project.Investors need this information to make their decisions.
A white paper demonstrates transparency and a commitment to clear communication. It shows the project is legitimate and credible, by providing transparent information. Inside the document you will find a roadmap outlining the project’s planned development milestones.
You will also find details about the token’s distribution, utility, and any economic incentives, information about the project’s team members, their backgrounds, and expertise, and the technical aspects of the project.
If a project does not have a whitepaper, it shows lack of seriousness, and perhaps the protocol is planning to pull an exit scam soon.
In the journey of picking out the right protocol to invest in, these are not the only questions you will ask yourself, but they form part of the major questions you must ask. Every project is unique and so, do not remain rigid on just these 6 questions. For instance, if a project has no partnerships even after 6 months of existing, that might be a red flag. Remember to use these questions in the context of other factors to get a clearer picture of the state of the project.