defirisk.co
rubric v1.7.0

Admin key custody type

BlackRock USD Institutional Digital Liquidity Fund (BUIDL)'s assessment for RD-F-025 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

[PD-042 rescore 2026-05-12, v1.7.0+] Single-administrator / no-multisig design is intentional architecture for a regulator-controlled tokenized issuer (the regulator is the counterparty-discipline mechanism). However, the residual operational risk of a single deployer-key compromise concentrating large fund-token authority is real, and the factor is downgraded to yellow rather than not_applicable to keep that signal visible. Per PD-042 (Cat 2 RWA-issuer subset, residual-risk treatment). ORIGINAL EVIDENCE (preserved from v1.6.0 grading): Effective upgrade/owner role held by Securitize Deployer EOA (0xd69fefe5df62373dcbde3e1f9625cf334a2dae78) via chain of custom proxy contracts. No multisig, no timelock. Classification: EOA with 2,939 txs, operational hot-wallet pattern.

Sources #

  • Etherscan
    https://etherscan.io/address/0xd69fefe5df62373dcbde3e1f9625cf334a2dae78retrieved 2026-04-26

Methodology #

Read the effective admin/owner/upgrader role on deployed contracts and classify as: EOA / multisig / multisig+timelock / full DAO+timelock / immutable.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol blackrock-buidl factor RD-F-025 score yellow collected_at 2026-05-12 09:40:42