This is the typical reaction I see from people when they learn about the security guarantees provided by Hydra applications.
Hydra only gives you L1-equivalent security if you are a participant in the head (running a node as a participant in that Hydra head). If you’re not, your funds are in the custody of the head participants: a unanimous quorum can spend them however they want without your consent.
Delegated authority Hydra topology apps:
I as a user am not a participant in the hydra head (I am not running a hydra node), then:
1. I lose custody of all funds that I deposit into this application.
2. The hydra head participants can, with unanimous quorum, do whatever they want with my funds.
Direct participation Hydra topology dApps:
I, the user, am a direct participant in the hydra head. I am running a hydra node that is a participant in the hydra head deployment for this application, then:
1. I have full custody over all funds that I deposit into this application.
2. The hydra head participants cannot steal my funds, even if they all collude against me, because as a direct participant, my node will not consent, and thus unanimous consent cannot be reached.
Quote
Meta Yosh
@MetaverseYosh
Replying to @Quantumplation and @gotta_anon
Wait.. what?