Admin EOA signing from new geography/device
Beefy Finance's assessment for RD-F-107 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
T-09 phase-2 signal. This factor requires off-chain signing telemetry (MPC session data, device fingerprint from hardware signing) that is not publicly accessible, so admin EOA signing geography/device consistency cannot be assessed from public OSINT. The Beefy dev multisig is a Gnosis Safe, and signing can be done from any device without leaving a public device fingerprint. Assessment is structurally not possible without access to signing infrastructure telemetry.
Sources
- Docs: Beefy Contracts and Timelocks. Beefy dev multisig — Gnosis Safe (signing geography not publicly attributable). Retrieved 2026-05-16.
Methodology
Detect whether an admin/upgrader EOA signs from a geography or device fingerprint inconsistent with prior signing history.