Chia Blog

Chia Signer, Multi‑Signature Custody, and Real‑World Safety: Part 2

by Justin England

This post is the second in our series on digital assets and real-world safety. For those who haven’t read it yet, you can find part one here.

Account‑Based Models Fall Short. Full stop. We believe the weaknesses of the account-based model should be discussed more across the industry, because the points of exposure are often glossed over in an effort to drive faster adoption. But at what cost?

Most smart contract platforms are account‑based, and this model creates real operational risks.

A single owner is a single choke point: every contract and balance is “owned” by an account. This opens up every single smart contract transaction, and any custody primitives added later, to compromise or coercion (for more info, see any of the following: A, B, C, D, & E). To make matters worse, control can cascade across contracts: if the one account that owns the smart contract is compromised, everyone loses their money.

Another critical concern in these ecosystems is third‑party control surfaces, such as admin keys, upgradeable contracts, custodial MPC signers, and infinite token approvals that introduce durable control pathways. If any of these are phished, coerced, or insider‑abused, assets can be drained. 

I like to call this design choice “hot key gravity”: because accounts must stay online to interact, keys or session tokens often live closer to the internet and cannot be airgapped without breaking the contract, which raises exposure. This weakness, coupled with stateful pitfalls including complex, mutable account state (allowances, delegates, upgraders), creates room for massive mistakes and attack angles that persist beyond a single transaction.
In account models, even “decentralized” custody often routes through centralized control points, and this significantly weakens resilience to both cyber-compromise and real‑world coercion.
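
The cascade and control-surface risks described above can be framed as a reachability question for a threat model. The following is an added example, not code from Chia or from the original post: it treats owner, admin, upgrader, allowance and custodian relationships as edges in a directed graph and computes what a single compromised key can reach. All node names, edge kinds and balances are constructed, and the model assumes each listed surface gives its holder full control of the target.

```python
from collections import deque

# Constructed sample state for a hypothetical account-based deployment.
# Edge (controller, surface, target): whoever controls `controller` can act
# on `target` through that surface (modelling assumption: full control).
CONTROL_EDGES = [
    ("deployer_key", "owner", "vault_contract"),
    ("deployer_key", "upgrader", "token_contract"),
    ("deployer_key", "upgrader", "dex_router"),
    ("ops_admin_key", "admin", "vault_contract"),
    ("vault_contract", "owner", "treasury_contract"),
    ("dex_router", "unlimited_allowance", "alice_balance"),
    ("dex_router", "unlimited_allowance", "bob_balance"),
    ("mpc_signer", "custodian", "carol_balance"),
]

# Constructed balances held at each asset node.
BALANCES = {"treasury_contract": 5000, "vault_contract": 1200,
            "alice_balance": 300, "bob_balance": 150, "carol_balance": 900}


def blast_radius(compromised, edges=CONTROL_EDGES):
    """Map each node reachable from `compromised` to the control path used."""
    graph = {}
    for src, surface, dst in edges:
        graph.setdefault(src, []).append((surface, dst))
    reached = {}
    queue = deque([(compromised, [])])
    while queue:  # breadth-first search, so each path is a shortest one
        node, path = queue.popleft()
        for surface, dst in graph.get(node, []):
            if dst != compromised and dst not in reached:
                reached[dst] = path + [f"{node} -[{surface}]-> {dst}"]
                queue.append((dst, reached[dst]))
    return reached


def exposed_value(compromised, balances=BALANCES):
    """Total balance sitting behind everything the compromised node reaches."""
    return sum(balances.get(n, 0) for n in blast_radius(compromised))


def rank_keys(edges=CONTROL_EDGES):
    """Rank every controller by exposed value, highest first."""
    roots = {src for src, _, _ in edges}
    return sorted(((exposed_value(r), r) for r in roots), reverse=True)


if __name__ == "__main__":
    for value, key in rank_keys():
        print(f"{key:16} exposes {value:5} via {len(blast_radius(key))} targets")
```

In this constructed graph the deployer key reaches user balances only indirectly, through its upgrade right over a router that holds standing allowances, which is the kind of durable pathway a per-transaction review does not show.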

So, what should be the standard? How can we continue to drive further adoption while also maintaining security for folks’ assets? Coins, not accounts. In the next installment, I’ll take a deep dive into how and why the coin model matters for digital assets and what we can do with it going forward.

