Accepting a role at the wrong project can mean months of unpaid work, a damaged reputation, and legal risk. Use this checklist before signing any offer.
Team verification
- Are founders publicly known with verifiable track records?
- Search for their names on LinkedIn, Twitter, GitHub. Do their histories check out?
- Has the team been doxxed through a reputable third party (e.g. Worldcoin's proof of personhood)?
Financials & token
- Is the token distribution documented publicly?
- What % is locked, and for how long?
- Check token unlock calendars on TokenUnlocks.io.
- Is there a reasonable TVL-to-market-cap ratio?
Technical audit
- Are core contracts audited by a reputable firm (Trail of Bits, OpenZeppelin, CertiK, Spearbit)?
- Is the audit report public?
- Were critical issues found and remediated?
Governance
- Is the admin key renounced or held by a multi-sig?
- Is there a timelock on critical upgrades?
- Are governance proposals transparent?
Red flags
- Anonymous team + no audit = high risk.
- Unrealistic token valuations and marketing-heavy narratives.
- Copy-pasted codebases with no original research.
- Anonymous "investors" who are just token buyers.