★ Sudden admin-rescue/ACL change without discussion
BENQI's assessment for RD-F-123 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
BENQI has no on-chain Governor and no dedicated governance forum (no Snapshot space, no Tally, no forum URL found as of 2026-05-16; cache governance.type: 'unknown'). Parameter changes are executed via team multisig per docs (docs.benqi.fi/resources/risks). Medium blog serves as the primary announcement channel. GitHub issues contain zero admin/ACL-change discussions (3 open issues are user-support only). Chaos Labs parameter-recommendation dashboards provide risk suggestions but are not a pre-execution public discussion venue. The structural absence of a ≥24h public pre-execution discussion mechanism for any admin or ACL change meets the yellow criterion for F123: multisig discretion without a formal public proposal process. No specific undisclosed admin-rescue event was identified during the assessment window, but the process gap is structural.
Sources #
- GitHubBenqi-fi/BENQI-Smart-Contracts Issues — GitHubBENQI GitHub issues — 3 open issues; zero admin/ACL/governance-change discussionsretrieved 2026-05-16
- BENQI Security: Audits, Risk Architecture — dev.todev.to BENQI security article — confirms multisig governance; 'BENQI monitors governance proposals for upgrade signals' but no formal forum process describedretrieved 2026-05-16
- Risks & Audits — BENQI DocsBENQI risks and audits docs — 'Protocol parameters... may be updated through [multisig] framework'; no governance forum or pre-execution discussion process describedretrieved 2026-05-16
Methodology #
Determine whether any admin-rescue function or ACL change was committed to the repo or executed on-chain without corresponding public discussion in issues, PRs, or governance forum.
See the full factor methodology and distribution across all protocols →