My main issue it the current SWOP.FI stuff.
I hardly believe that the Waves team is promoting a potential scam.
Look at all the contracts source (taken from
https://github.com/swopfi/swopfi-smart-contracts):
@Verifier(tx)
func verify() = match tx {
case _ => {
let adminPubKey1Signed = if sigVerify(tx.bodyBytes, tx.proofs[0], adminPubKey1) then 1 else 0
let adminPubKey2Signed = if sigVerify(tx.bodyBytes, tx.proofs[1], adminPubKey2) then 1 else 0
let adminPubKey3Signed = if sigVerify(tx.bodyBytes, tx.proofs[2], adminPubKey3) then 1 else 0
adminPubKey1Signed + adminPubKey2Signed + adminPubKey3Signed >= 2
}
}
The Verifier function allow by a multisig to withdraw and control the funds (it also allow to update the dApp script).
It mean that if 2 peoples on 3 decide to run away with all the fund: the dApp will allow it.
We don't even know if their is 3 peoples or just 1...
The dApp point is to decentralize stuff the prevent trusting a third party.
In that case the third party has all the right (dApp update + funds control), so you must trust it.