With dYdX, you remain in full control of your funds at all times. There are no central intermediaries which hold your private keys. Your funds are secured by smart contracts at all times when they are on dYdX.
We take the security of our smart contracts extremely seriously. We’ve conducted rigorous internal testing and contracted top security firms such as Zeppelin Solutions (link) and Bramah Systems (link) to perform thorough audits of our systems. Our contracts and security audits are open-source, and verifiable by anyone.
Many protocols have an administrative account that can add or remove features from the protocol. In our case, the account can add new markets, change interest rate functions, or set new oracles for prices. This admin account is an on-chain multisignature wallet, making it publicly auditable. This multisig also has a 3-day delay for taking any actions, allowing us to cancel malicious actions or notify the public before they occur. We plan to increase this delay in the future.
Our track record speaks for itself: since launching our first product in October of 2018, dYdX is the only major DeFi lending protocol that has yet to receive a bug report of user funds being at-risk. No lenders have ever lost funds on dYdX.