★ Sudden admin-rescue/ACL change without discussion
Balancer (v2 + v3)'s assessment for RD-F-123 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
BIP-883 (October 2025) reduced the Emergency Safe threshold from 4/7 to 3/7 and revoked the VaultAdmin.disableQueryPermanently() permission. The forum post went up on 2025-10-29 and the Snapshot vote followed on 2025-10-31 (a 2-day window, citing internal Security Council Meeting Notes). The November 2025 emergency pool pauses (Shezmu, uniBTC) were documented defensive responses to external token exploits, per the Emergency Sub-DAO Q4 2024–Jan 2025 activity report. The Emergency Sub-DAO signer set was updated per BIP-652 (June 2024) through formal governance. No evidence of a completely undiscussed surprise admin-rescue in the last 180 days. YELLOW for the abbreviated BIP-883 discussion window on a governance-control change.
Sources
- Balancer Emergency Governance — GitHub docs. Balancer emergency governance documentation on GitHub. Retrieved 2026-05-05.
- Emergency Sub-DAO Activity Q4 2024 — Balancer Forum. Emergency Sub-DAO Activity Q4 2024 – Jan 2025: documents pool pauses as defensive responses to external exploits. Retrieved 2026-05-05.
- BIP-883 Emergency Safe Governance Improvements — Balancer Forum. BIP-883 Emergency Safe Governance Improvements Q4 2025: threshold reduction 4/7 to 3/7, forum post 2025-10-29. Retrieved 2026-05-05.
Methodology
Determine whether any admin-rescue function or ACL change was committed to the repo or executed on-chain without corresponding public discussion in issues, PRs, or governance forum.