How to do a Technical Study of Web3 project

Mohnish Isaac Kariappa
Published in
5 min readMay 26, 2022



There are multiple underlying features that could also make way in your project study would be the USPs that are common with the already other existing projects, like liquidity pool, native marketplace, HODLing benefits (airdrops, exclusive access…), how the project mechanism makes the coin deflationary or inflationary in nature.

Adding further to this, I would also check for red flags 🚩 with the project. As a good study, you should absolutely focus on the missing pieces of the puzzles as well. In my books, the exclusion of a project whitepaper is an absolute BIG NO and a major cause of concern. I also note down and hammer special emphasis on, if the project has included a vague roadmap, because some projects actually include roadmaps just to make the average Joe believe in it. ❌

Finally, I would also note down if the projects have very little to no USPs. Then the question arises — what’s the purpose of the projects existence? What existing gap does it aim to bridge through its offering and exactly what kind of real-world utility does it bring to the table, if it brings any at all? Project with no utility always end up being rugpulls, so be cautious.

Audit Reports

This is the most important layer that will define the security of a project and its contract. A successfully published audit report should be available for public scrutiny and would include any areas of risk factors.

Something you should give a lot of weightage to within this area of study is the extent of centralisation of the project. Having majority portion of the project funds concentrated in the control of a single team member is a huge red-flag 🚩 for me. Such projects will always have a loophole that hackers could exploit. The more a project is decentralised, the better would be smooth functioning of the protocol.

Centralisation risks are, but not limited to:

  • How vulnerable is the smart contract to hack?
  • How easily can a hacker change codes?
  • Would any loophole expose a threat to liquidity?

Good auditing firms like Hacken, always highlight the risks and the potential exploit that risk might bring with it. They would also make the most suitable suggestions to mitigate these risks, and advice whether the mitigation can be executed via multi-signature wallets, multi-level factor authorisation etc…

While studying a project, always have a look at the audit report and focus on the potential risk areas for your report. This will also be a super powerful educational tool for your own study and research, helping you understand the entire working mechanism of the project in a much better way.

Team & Advisors

Imagine having a very shiny project being marketed in front of you, deploying the best marketing tools and being served as the next big thing in crypto…but there’s a catch! The team is made up of some Anime character name with no public visibility whatsoever. Would you be interested in putting your money on this? I guess not.

Most DeFi projects usually keep their team members anonymous. This maybe out of choice or for other professional reasons, but many a times, this anonymity is kept to rug the investors. So how to safeguard yourself?

Well with advancement of the crypto space, there is a KYC audit framework in place for team members who want to remain anonymous. The project team members have their identity verified by the Audit team and an NFT is submitted as a proof of KYC audit completion. This process keeps the identity of the team private, but you can be rest assured that the actual team is legit and can be held accountable in turn of events, when an internal team-member has made use of an exploit and siphoned off user funds through malicious means.

Another option is getting the project team Fully Doxxed. This is where the information on the team is made public, with links to credible sources, such as, their public LinkedIn profile and will provide a complete history and qualification of the said team-member in question.

Sadly, both the above process do not guarantee a completely safe project &/or the team having 100% integrity, but there is at least a relief that the information is somewhat shared and partially public. Any team that is operating on 100% anonymity is a HUGE RED FLAG 🚩 for me and I will absolutely steer clear from such project, irrespective of the gains I might miss out on.

Partners &/or VC investors

This would my second-priority while studying a project. Having a big-name partner backing &/or VC investors shows that the project & the team is worth their salt.

Exactly the way a Web3 project like Ethereum-Push-Notification-Service (EPNS) got backing from CoinDCX — you can be fully rest assured that there was due diligence done by the investor teams before money was pumped in. Any Layer-1 or Layer-2 project should have a partnership backing and an absence of the same is a huge red flag 🚩 in your book.

A huge thank you to CoinDCX for giving me this opportunity to write such a detailed report and be a part of the #CoinDCXpathbreaker program, enabling me to share such knowledge with everyone in the crypto space.

Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing

Also, Read



Mohnish Isaac Kariappa

I make use of advanced Technical Tools and On-Chain Data to make crypto easy to understand for everyone in the crypto community.