
Toly Wants Crypto to Stop Trusting Admin Keys
Solana co-founder Anatoly Yakovenko just made a very public argument against one of DeFi’s most common design habits: keeping emergency admin control.
In a post on X, Yakovenko said developers should “reject modernity” and return to open-source immutable software, arguing he is now more bullish than ever on removing admin keys entirely because formal verification tools have become strong enough to make that realistic. He linked his new project, Percolator, and made the challenge simple: he deployed an immutable binary with admin keys burned, funded the insurance vault with about 5 SOL, and invited anyone to try hacking it. If someone can manipulate the engine and steal the funds — especially using AI to do it — he says he will do his best to help them land a job or even angel investment.
That is not just a security stunt.
It is a direct criticism of how much of DeFi still depends on trusted humans pretending to be decentralized infrastructure.
Percolator Is Built Around One Uncomfortable Idea
Most DeFi protocols sell flexibility as a feature.
Admin controls allow emergency upgrades, risk parameter changes, insurance withdrawals, and fast intervention when things break. Users tolerate that because the alternative feels dangerous.
Yakovenko is arguing the opposite.
Percolator’s mainnet test deployment explicitly lists the program as “admin-free,” with the upgrade authority burned and all three market authorizations removed. The README states there is no way to modify the market, withdraw the insurance vault, or change core parameters after deployment. Anyone can verify the deployed binary hash locally against the source.
That means no rescue button.
No hidden override.
No founder intervention.
As we explored in our earlier look at how Arbitrum’s KelpDAO freeze saved $71 million but reopened crypto’s hardest decentralization question, the moment users realize someone can intervene, the entire definition of decentralization starts changing.
Toly is trying to remove that question completely.
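The binary-hash check mentioned above, sketched as an added example that is not Percolator's own tooling: it compares a locally built program binary with bytes dumped from the chain (for instance with the Solana CLI's `solana program dump`). The byte strings are constructed stand-ins, and the zero-padding of the on-chain copy is an assumption of this example.

```python
import hashlib


def normalized_sha256(binary: bytes) -> str:
    """SHA-256 of the binary with trailing zero bytes removed.

    Assumption: the on-chain account can be larger than the program, so a dump
    may end in zero padding. The same normalization is applied to both sides.
    """
    return hashlib.sha256(binary.rstrip(b"\x00")).hexdigest()


def compare_build(local_build: bytes, onchain_dump: bytes) -> str:
    """Classify how a local build relates to the deployed bytes."""
    if hashlib.sha256(local_build).digest() == hashlib.sha256(onchain_dump).digest():
        return "identical"
    if normalized_sha256(local_build) == normalized_sha256(onchain_dump):
        return "match-after-padding-strip"
    return "mismatch"


def constructed_samples():
    """Constructed sample data: a fake ELF-like build, a padded dump, a tampered dump."""
    local = b"\x7fELF" + bytes(range(256)) * 4
    padded = local + b"\x00" * 512          # same program, zero-padded account
    tampered = bytearray(padded)
    tampered[100] ^= 0x01                   # a single flipped bit in the code
    return local, padded, bytes(tampered)


if __name__ == "__main__":
    local, padded, tampered = constructed_samples()
    print("padded dump  :", compare_build(local, padded))
    print("tampered dump:", compare_build(local, tampered))
    print("hash to publish:", normalized_sha256(local))
```

A match only says the deployed bytes equal your build at the moment of the dump; it becomes a lasting guarantee only together with the burned upgrade authority the README describes, and it requires a reproducible build of the source.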
But There Is a Catch: Immutable Code Has to Be Right
This is where the story gets more interesting.
Percolator is also explicitly labeled experimental software and “not audited.” The repository warns users not to use it in production or with real funds. That matters because immutability only works if the underlying assumptions are correct. If bad code becomes permanent code, decentralization turns into a trap instead of a guarantee.
And there have already been real findings.
The project’s own published issue tracker documents a high-severity bug where trade margin checks originally used maintenance margin instead of initial margin, allowing users to open positions at roughly 2x intended leverage. The issue was later marked fixed, but it proves the exact tension Toly is forcing into the open: if you remove admin keys, your margin for mistakes gets brutally small.
This is exactly why formal verification matters to him.
The promise is not “trust me.”
The promise is “verify me.”
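To make the margin bug described above concrete, here is an added example (not code from the Percolator repository) that places a trade check gated on maintenance margin beside one gated on initial margin, then runs the kind of invariant check that catches the difference. The 10% and 5% margin values and all function names are constructed for illustration.

```python
BPS = 10_000
# Constructed risk parameters (assumptions, not Percolator's values).
INITIAL_MARGIN_BPS = 1_000       # 10% -> intended maximum leverage of 10x
MAINTENANCE_MARGIN_BPS = 500     # 5%  -> liquidation threshold only


def required_margin(notional: int, margin_bps: int) -> int:
    """Collateral required for a position, rounded up (never in the trader's favour)."""
    return -(-notional * margin_bps // BPS)


def can_open_buggy(collateral: int, notional: int) -> bool:
    # Bug class from the article: opening a trade is checked against maintenance margin.
    return collateral >= required_margin(notional, MAINTENANCE_MARGIN_BPS)


def can_open_fixed(collateral: int, notional: int) -> bool:
    # Opening a trade must clear the stricter initial margin.
    return collateral >= required_margin(notional, INITIAL_MARGIN_BPS)


def max_notional(can_open, collateral: int) -> int:
    """Largest notional the check accepts (binary search; check is monotone in notional)."""
    lo, hi = 0, collateral * BPS + 1    # can_open(lo) is True, can_open(hi) is False
    while hi - lo > 1:
        mid = (lo + hi) // 2
        if can_open(collateral, mid):
            lo = mid
        else:
            hi = mid
    return lo


def find_violations(can_open, collaterals=range(1, 200, 7), notionals=range(0, 5000, 13)):
    """Invariant: every accepted trade satisfies notional * initial_bps <= collateral * BPS."""
    return [(c, n) for c in collaterals for n in notionals
            if can_open(c, n) and n * INITIAL_MARGIN_BPS > c * BPS]


if __name__ == "__main__":
    print("fixed max notional on 1000:", max_notional(can_open_fixed, 1_000))
    print("buggy max notional on 1000:", max_notional(can_open_buggy, 1_000))
    print("violations (fixed):", len(find_violations(can_open_fixed)))
    print("violations (buggy):", len(find_violations(can_open_buggy)))
```

With these constructed parameters the maintenance-margin check admits twice the intended notional, and the invariant sweep flags it without anyone having to guess a specific trade.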
Security Through Immutability Is Becoming a Bigger Theme
This is not just a Solana-specific debate.
Across DeFi, more teams are being forced to choose between operational flexibility and credible neutrality. Users want protection during exploits, but they also want assurance that no one can seize funds or silently rewrite rules.
That tension became obvious after the KelpDAO exploit, where the debate shifted from the hack itself to whether emergency intervention was compatible with decentralization. We covered that earlier in how Wintermute’s CEO argued that DeFi innovation looks grim when composability turns one exploit into everyone’s problem, because once systems become too interconnected, every admin key starts looking like both a safety feature and a liability.
Percolator is a different answer.
Instead of building better intervention tools, it asks whether the best intervention is having none at all.
Why the AI Angle Matters
Toly’s mention of AI was not a throwaway line.
He specifically said he would be especially impressed if someone could use AI to find a real exploit instead of manually attacking the system. That reflects a broader shift in security thinking: attackers are increasingly using automation and model-assisted analysis, while defenders are starting to use the same tools for formal verification, attack simulation, and invariant testing.
We touched on a similar infrastructure shift in our earlier analysis of how AI and crypto infrastructure are colliding in more practical ways than the market expected, where compute is no longer just narrative fuel — it is becoming part of how protocols defend themselves.
In that world, “hack me if you can” becomes more than bravado.
It becomes a test of whether immutable finance can survive machine-speed adversaries.
BTCUSA Insight
Toly’s Percolator experiment is not really about 5 SOL.
It is about whether DeFi is mature enough to stop relying on trusted operators hiding behind decentralization branding.
Admin keys have always been a compromise. They make systems safer in emergencies, but they also make them less neutral. Burning them forces a harder standard: either the code is good enough, or the market should not trust it at all.
That is uncomfortable.
But it may also be necessary.
Crypto keeps saying “code is law.”
Percolator is one of the few projects actually trying to live like it means it.
