An emergency switch yes, but a full control is not good.
An example of emergency switch that doesn't allow the admins to steal the users funds and reduce hacking damages:
1. You have an emergency function that freeze everything: deposits, withdrawals, interests, etc... It give times to the admins to find the issue.
2. If the issue can't be fixed for some reasons, the 2nd emergency function auto-transfer every single funds to an other already specified dApp address.
3. On that "emergency" dApp address, a simple script allow the users to redeem their funds with the tokens they got by lending, providing liquitidy, etc.... Nobody else can withdraw, including the admin team.
Want to see how look such script ?
I took 5min to write them. A fulltime team can do it easily. They just don't want.
# Function to freeze
@Callable(i)
func emergencyFreeze(enable: Boolean) = {
if(this != i.caller) then {
throw("Access denied")
} else {
[BooleanEntry("freeze", enable)]
}
}
# Place it on each callable function. If frozen just reject the request
func isFrozen() = {
match getBoolean(this, "freeze") {
case a: Boolean => a
case _ => false
}
}
# Emergency transfer function
@Callable(i)
func emergencyTransfer() = {
if(this != i.caller) then {
throw("Access denied")
} else {
let receivingAddr = "AddrThatIsAlreadyKnown"
[ScriptTransfer(...)]
}
}