Operator and Admin

This lens is for systems whose practical leverage sits with the humans and organizations running the machinery behind the product surface.

Questions worth asking:

• Which operator can halt, route, approve, deny, recover, or reconfigure activity?
• What looks trust-minimized in contracts but stays admin-heavy in custody, relaying, indexing, or support?
• Which powers are explicit onchain, and which still live in dashboards, infrastructure, or runbooks?
• If the operator vanished, what would actually keep working?

Curated comparison set

• Shared-custody and hosted-wallet operators: fireblocks, bitgo, and cobo
• Session and wallet-ops operators: walletconnect-network, privy, and turnkey
• Bitcoin coordination operators: wasabi, joinmarket, and wabisabi
• Rollup and chain operators hiding behind broader brands: optimism, caldera, based-op, and coinbase-developer-platform

Keep the boundary explicit

• Contract-level openness does not remove operator power in relays, support workflows, wallet policy, or recovery paths.
• Chain brands often hide the real admin surface in sequencer, prover, gateway, wallet, or launch-stack operations.
• Coordination-heavy privacy and custody systems should be read through their live operators, not only their cryptography.

Focused traversal notes

• wallet-and-custody-control-planes
• bitcoin-coinjoin-coordination
• rollup-operator-control-planes

Useful comparison question

When a system claims to be open infrastructure, which operator still owns the part users actually depend on?

Adjacent lens

• permissions-and-policy