Polygon Labs engineer: Blast is not Layer 2, and the contract is only controlled by 3/5 multi-signatures of anonymous new addresses

On November 23, Polygon Labs developer relations engineer Jarrod Watts stated that the Blast contract is an upgradable contract controlled by a 3/5 multi-signature, with all 5 addresses being anonymous new addresses. Blast may execute code upgrades and immediately steal funds through multi-signature, although many other Layer 2 solutions, including Arbitrum, currently have the same functionality. However, (currently) Blast is not Layer 2, but only a smart contract that accepts user funds and invests them in protocols such as Lido. There is no test network, no trading, no bridge, no rollup, and no transaction data sent to Ethereum. If the 3/5 multi-signature controlling the contract does not "do the right thing" in the future, users will not be able to withdraw money deposited in the Blast contract at any time.
In response, SlowMist founder Yu Xian stated that the Blast contract is indeed an upgradable contract, controlled by a 3/5 multi-signature (unknown who the 5 people are) and has no time lock. If they want to run away, they can upgrade a malicious logic contract with multi-signature or set a malicious mainnetBridge with enableTransition. Currently, Blast, except for the contract deployed on Ethereum, is a play on the split of centralized Web2 projects, but has endorsements from several well-known institutions. Users still trust projects endorsed by institutions more.