Sky, formerly known as CreatorDAOis under fire for using an external account (EOA) to manage $756 million in USD coin (USDC) reserves within its lightweight Ankle Stability Module (PSM). Concerns have been raised by one X user, highlighting the risks of relying on an EOA for such a large portion of Sky’s reserves.

Critics argue that this custody model leaves funds vulnerable to exploits, hacking attempts, or internal abuse, particularly in the absence of advanced security features such as multisignature authentication or time-limited transfers. The EOA-based model has long been criticized for lacking the transparency and guarantees associated with more secure options, such as smart contracts.

The controversy comes after Sky’s rebranding and introduction of lightweight PSM, a mechanism designed to help maintain its stablecoin’s anchor to the US dollar by allowing users to swap the stablecoin for USDC at a fixed rate. Sky intends to gradually transfer reserves from the old PSM to the new lightweight PSM in three phases, starting with a $20 million transfer.

Sky co-founder Rune Christensen responded to concerns by clarifying that the private keys required to “replenish the MPC account” were destroyed during the setup process with Coinbase Custody. He says this eliminates the risk of a compromised private key.

Despite this explanation, critics remain skeptical, as the issue of wallet control and transaction authorization remains unclear. Furthermore, the question of whether governance decisions can impose appropriate fund management measures has not been fully resolved.

Separately, Christensen plans to implement a deflationary tokenomics model for Sky, which would stop issuance of new tokens and gradually reduce the base supply of tokens. This decision would address insolvency risks by following the original tokenomics design, which relied on token issuances to “plug the hole”.